09-30-2002
re : inetd.sec
ya, that file is straightforward enough... but i am wondering about the firewall thing....
so ipchains or iptables in linux (its just a matter of finding the correct commans in aix, hpux, solaris) then we can set all these rules?
then how about the physical firewall hardware?
surely, there will be some differences
10 More Discussions You Might Find Interesting
1. UNIX for Dummies Questions & Answers
hello there! :)
i'm a newbie here...and i have a question, how can you logout while you're chatting in commode?
thanx!
:) (2 Replies)
Discussion started by: hapiworm
2 Replies
2. UNIX for Dummies Questions & Answers
how can I get on to telnet keep getting the page cant be found:confused: (1 Reply)
Discussion started by: tamworther
1 Replies
3. UNIX for Advanced & Expert Users
Hi,
When we use telnet (from unix workstation or windows) to remotely access the Unix server, the environment variables such as: DISPLAY, TERM, LOGNAME are communicate to the telnet server during the telnet session negotiation. By default these variables are passed to the server.
We can... (1 Reply)
Discussion started by: vtran4270
1 Replies
4. Shell Programming and Scripting
Hi,
I have automated a build process that does the following activities.
1. check out code from cvs to a specific directory
2. build the revision checked out with 'ANT'
3. integrate the compiled code with the QA/UAT or new environment
(/apps/QA or /apps/UAT or /apps/new directory)
I... (1 Reply)
Discussion started by: yoi2hot4ya
1 Replies
5. Shell Programming and Scripting
Somewhat long story:
I have a simple Perl CGI script that uses Expect to Telnet to a device and grab some data, and then spits it back to Perl for display on the Webpage.
This works for many devices I've tried, but one device just fails, it keeps rejecting the password on this device, only... (1 Reply)
Discussion started by: jondo
1 Replies
6. Shell Programming and Scripting
HI All
Some body wrote to me this Telnet Script :
#!/opt/perl/bin/perl
$ip = $ARGV;
die ("IP must be passed as an argument. $!\n") unless defined($ip);
use Net::Telnet ();
$handle = new Net::Telnet (Timeout => 10, Prompt => '/.*(#|>|\))\s*$/');
$handle->open("$ip");... (10 Replies)
Discussion started by: Darknight
10 Replies
7. OS X (Apple)
I wanted to learn Telnet protocol so I read an RFC-854 on telnet but now i'm kinda stuck ...where to go now????
Need guidance from you guys...about some website or any resources that could help to learn more about it. (1 Reply)
Discussion started by: jFreak619
1 Replies
8. Emergency UNIX and Linux Support
We are using the solaris server and if i am using rm -rf to delete the directories its asking the confirmation for each and every file inside the directory.Is there any way to disable ( should not ask the confirmation) only for a particular session? (12 Replies)
Discussion started by: sureshbabuc
12 Replies
9. UNIX for Dummies Questions & Answers
Hi,
I was writing one script which includes to switch to the another telnet automatically from the present telnet server. I was using rlogin but firstly it takes the same user name of the present telnet and secondly it is prompting for the password.
But i want to switch to the another telnet... (2 Replies)
Discussion started by: Prateek
2 Replies
10. UNIX for Dummies Questions & Answers
Hi,
I want to know the difference between these two services. Both are under xinetd. Both are used for enabling and disabling Telnet service. So, can somebody please explain me the difference between the two ?
Thanks in advance :) (0 Replies)
Discussion started by: kashifsd17
0 Replies
LEARN ABOUT DEBIAN
pyroman
PYROMAN(8) System Manager's Manual PYROMAN(8)
NAME
pyroman - a firewall configuration utility
SYNOPSIS
pyroman
[ -hvnspP ] [ -r RULESDIR ] [ -t SECONDS ]
[ --help ] [ --version ] [ --safe ] [ --no-act ]
[ --print ] [ --print-verbose ] [ --rules=RULESDIR ]
[ --timeout=SECONDS ] [ safe ]
DESCRIPTION
pyroman is a firewall configuration utility.
It will compile a set of configuration files to iptables statements to setup IP packet filtering for you.
While it is not necessary for operating and using Pyroman, you should have understood how IP, TCP, UDP, ICMP and the other commonly used
Internet protocols work and interact. You should also have understood the basics of iptables in order to make use of the full
functionality.
pyroman does not try to hide all the iptables complexity from you, but tries to provide you with a convenient way of managing a complex
networks firewall. For this it offers a compact syntax to add new firewall rules, while still exposing access to add arbitrary iptables
rules.
OPTIONS
-r RULESDIR,--rules=RULES
Load the rules from directory RULESDIR instead of the default directory (usually /etc/pyroman )
-t SECONDS,--timeout=SECONDS
Wait SECONDS seconds after applying the changes for the user to type OK to confirm he can still access the firewall. This implies
--safe but allows you to use a different timeout.
-h, --help
Print a summary of the command line options and exit.
-V, --version
Print the version number of pyroman and exit.
-s, --safe, safe
When the firewall was committed, wait 30 seconds for the user to type OK to confirm, that he can still access the firewall (i.e. the
network connection wasn't blocked by the firewall). Otherwise, the firewall changes will be undone, and the firewall will be
restored to the previous state. Use the --timeout=SECONDS option to change the timeout.
-n, --no-act
Don't actually run iptables. This can be used to check if pyroman accepts the configuration files.
-p, --print
Instead of running iptables, output the generated rules.
-P, --print-verbose
Instead of running iptables, output the generated rules. Each statement will have one comment line explaining how this rules was
generated. This will usually include the filename and line number, and is useful for debugging.
CONFIGURATION
Configuration of pyroman consists of a number of files in the directory /etc/pyroman. These files are in python syntax, although you do
not need to be a python programmer to use these rules. There is only a small number of statements you need to know:
add_host
Define a new host or network
add_interface
Define a new interface (group)
add_service
Add a new service alias (note that you can always use e.g. www/tcp to reference the www tcp service as defined in /etc/services)
add_nat
Define a new NAT (Network Address Translation) rule
allow Allow a service, client, server combination
reject Reject access for this service, client, server combination
drop Drop packets for this service, client, server combination
add_rule
Add a rule for this service, client, server and target combination
iptables
Add an arbitrary iptables statement to be executed at beginning
iptables_end
Add an arbitrary iptables statement to be executed at the end
Detailed parameters for these functions can be looked up by caling
cd /usr/share/pyroman
pydoc ./commands.py
BUGS
None known as of pyroman-0.4 release
AUTHOR
pyroman was written by Erich Schubert <erich@debian.org>
SEE ALSO
iptables(8), iptables-restore(8) iptables-load(8)
PYROMAN(8)