Sihnon wiki

User Tools

Site Tools

You are here: start » iptables
iptables

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revision Previous revision
Last revision Both sides next revision
iptables [2014/11/24 02:09]
ben 		iptables [2014/11/24 02:11]
ben
Line 3: Line 3:
 ===== Gateway Firewall Configuration ===== ===== Gateway Firewall Configuration =====
 The firewall configuration is held in subversion, at the url The firewall configuration is held in subversion, at the url
-<tt>svn+ssh://username@subversion.sihnon.net/var/svn/repos/configs/firewall/santo/iptables.bath</tt>. The live copy of the rules are held in santo:/etc/firewall/iptables.bath, and have been checked out using read-only https access to the repository. Please edit changes in your homedir, commit the changes to subversion, and update the live copy to update the config; do not make changes to the live copy of the rules as these cannot be committed to the repository and the changes may be lost.+''svn+ssh://username@subversion.sihnon.net/var/svn/repos/configs/firewall/santo/iptables.bath''. The live copy of the rules are held in santo:/etc/firewall/iptables.bath, and have been checked out using read-only https access to the repository. Please edit changes in your homedir, commit the changes to subversion, and update the live copy to update the config; do not make changes to the live copy of the rules as these cannot be committed to the repository and the changes may be lost.
  
-To test rules while editing the rules file, the <tt>iptables-restore</tt> tool can be used. Changes made using this tool are not persistent and will not survive a reboot.+To test rules while editing the rules file, the ''iptables-restore'' tool can be used. Changes made using this tool are not persistent and will not survive a reboot.
  
 To add new holes for specific machines, scroll to the bottom of the file and copy an existing example. To add new machines is slightly more complex, but there are already examples for most scenarios in this file.  To add new holes for specific machines, scroll to the bottom of the file and copy an existing example. To add new machines is slightly more complex, but there are already examples for most scenarios in this file. 
Line 25: Line 25:
 {{Kernel|2.6.28-gentoo-r1|<code>1@@</code>}} {{Kernel|2.6.28-gentoo-r1|<code>1@@</code>}}
  
-Create an alternate routing table by adding the following line to the end of <tt>rt_tables</tt>.+Create an alternate routing table by adding the following line to the end of ''rt_tables''.
 {{File|/etc/iproute2/rt_tables|<code>2@@</code>}} {{File|/etc/iproute2/rt_tables|<code>2@@</code>}}
  
Line 33: Line 33:
 {{File|/etc/conf.d/net|<code>3@@</code>}} {{File|/etc/conf.d/net|<code>3@@</code>}}
  
-Now we need to specify that certain connections will be sent according to the alternate routing table instead of the main one. These scripts are stored in subversion, under <tt>routing-rules</tt> init script at [[https://dev.sihnon.net/svnpriv/configs/network/router|configs:/network/router]] but is configured like this:+Now we need to specify that certain connections will be sent according to the alternate routing table instead of the main one. These scripts are stored in subversion, under ''routing-rules'' init script at [[https://dev.sihnon.net/svnpriv/configs/network/router|configs:/network/router]] but is configured like this:
  
 {{File|/etc/conf.d/routing-rules|<code>4@@</code>}} {{File|/etc/conf.d/routing-rules|<code>4@@</code>}}
iptables.txt · Last modified: 2014/11/24 02:15 by ben

Page Tools

Donate Powered by PHP Valid HTML5 Valid CSS Driven by DokuWiki