ipfwadm

[Jan Kasprzak]

Ota Buchta pise:
: 
: > ipfwadm -Aa -S 192.168.1.1 -D 0.0.0.0/0
: > ipfwadm -Aa -S 0.0.0.0/0 -D 192.168.1.1
: 
: Toto jsem provedl a funguje to O.K. Musim to ale mit v rc.local a to se mi
: mocnelibi. Neni nejake jine reseni? Nacpat do conf nejakeho demona atp.
: 
	Proc demona, kdyz se to jednou zapne a uz to bezi?

	Ja to obvykle resim tak, ze vytvorim /etc/rc.d/init.d/ipfw
a pak dam chkconfig --add ipfw.

-Yenya

-------------------------------------------------------------
#!/bin/bash
# chkconfig: 345 16 84
# description: Starts and stops the IP firewall.
. /etc/rc.d/init.d/functions
PATH=/sbin
case "$0" in
start|restart)
	echo -n "Setting up the IP firewall ... "
	ipfwadm -I -f
	ipfwadm -O -f
	ipfwadm -F -f
	ipfwadm -A -f
	ipfwadm -I -p deny
	ipfwadm -F -p deny
	ipfwadm -O -p accept
	# Dalsi nastaveni dopsat sem
	touch /var/lock/subsys/ipfw
	echo "Done. Authorized access allowed only."
	;;
stop)
	echo -n "Shutting down the packet filter ... "
	ipfwadm -I -f
	ipfwadm -O -f
	ipfwadm -F -f
	ipfwadm -A -f
	ipfwadm -I -p accept
	ipfwadm -O -p accept
	ipfwadm -F -p deny
	rm -f /var/lock/subsys/ipfw
	echo "Done. Forwarding disabled."
	;;
*)
	echo "Usage: $0 [start|stop]"
	exit 1
	;;
esac
exit 0

--
\ Jan "Yenya" Kasprzak <kas at fi.muni.cz>       http://www.fi.muni.cz/~kas/
\\ PGP: finger kas at aisa.fi.muni.cz   0D99A7FB206605D7 8B35FCDE05B18A5E //
\\\             Czech Linux Homepage:  http://www.linux.cz/              ///
/// Editors that break lines for you are evil (GNU emacs comes to mind). \\\
//                           --Linus in comp.os.linux.development.system  \\