Iptables For Ipcop

From The Wiki Guide

Revision as of 09:24, 19 July 2006 by Ookami (Talk | contribs)
(diff) ←Older revision | Current revision (diff) | Newer revision→ (diff)
Jump to: navigation, search

Contents

IpCop iptables Commands

These commands are custom tailored to IpCop, and are a little bit of a deviation from a standard iptables statement.

Considerations:

  • IPT is just an alias for /sbin/iptables
  • CUSTOMFORWARD is the section of ipcop iptables which allows custom rules
  • The -m iprange --src-range is not supported in IpCop's version of Iptables
    • The way I chose to block is by subnet

Example:

  • IPT -A CUSTOMFORWARD -i ppp0 -s 210.0.0.0/8 -j DROP
    • The example above will block all traffic coming in from the 210.0.0.0/8 subnet
    • ppp0 is the Red interface in my case, depending on your configuration, the interface might differ

Creating Script In IpCop

  1. In the IpCop Box, create a script 'yourscript' and place it in /etc/rc.d/
    • Make the script executeable

Executing Script

  1. Next you run /etc/rc.d/rc.local
    • This will run all the scripts in the rc.d directory, and will avoid a restart

Resources

Cool link for IpTables:

Retrieved from "http://www.ntxserver.com/wiki/index.php/Iptables_For_Ipcop"