09-25-2008
When I am booting system my rc.conf look as following
ifconfig_rl0="192.168.2.1"
ifconfig_rl1="192.168.1.1"
gateway_enable="YES"
#natd_enable="YES"
#natd_interface="rl1"
#natd_flags="-f /etc/natd.conf"
#firewall_enable="YES"
#firewall_type="OPEN"
defaultrouter="192.168.1.254"
pf_enable="YES"
pf_rules="/etc/pf.conf"
pf_flags=""
pflog_enable="YES"
pflog_logfile="/var/log/pf.log"
pflog_flags=""
dhcpd_enable="YES"
dhcpd_flags="-q"
dhcpd_conf="/usr/local/etc/dhcpd.conf"
dhcpd_ifaces="rl0"
now my output on the webpage should look like this:
IP addresses rl0: 192.168.2.1 /24 <edit-button>
IP addresses rl0: 192.168.1.1 /24 <edit-button>
Route: 0.0.0.0 /0 192.168.1.254 <edit-button>
<add-button>
<apply-button> ----> saves it permanently in the rc.conf file
And for the HTTP session, I'd only like to enable the port for HTTP on the inside (with local auth database)
So this is the whole task, and I am struggling even with part one to choose the right scripting lang:-)
10 More Discussions You Might Find Interesting
1. Shell Programming and Scripting
How to make this script?
1. Write a portable bash shell script called change_password.bash that will
prompt the user for a password. Use a series of if statements to test if:
1.
The password is NOT 6 or more characters
2.
The password does not contain at least 3 consecutive letters... (1 Reply)
Discussion started by: 3junior
1 Replies
2. Shell Programming and Scripting
Hi There,
I am new in UNIX I want to learn shell scripting please advice where should I start from, If anybody tell me how can I install a unix software from my windows XP I will be very greatful.
I apprechiate in advance!
Zeeshan (4 Replies)
Discussion started by: zsiddiqui
4 Replies
3. Shell Programming and Scripting
Does any one know how to capture the output of command called from a TCL script?
I cannot figure this out. I've been working on it for 4 hours now :confused: (2 Replies)
Discussion started by: Lorna
2 Replies
4. Shell Programming and Scripting
Hi, experts,
I wonder if anyone can help me up with this. Has been googling and reading several books but still come to no idea how this can be done. Well, it's like this. I have a bundle of codes developed in Perl. I need to do something like this:
1. perl script run using spawn
2. in... (3 Replies)
Discussion started by: dniz
3 Replies
5. Shell Programming and Scripting
Hi,
I am just going to start learning perl, but i have about tcl that it is easy. So , i am confused that whether to go for tcl or perl. I am just learning it as my interest, but still in future which one of these will benefit me. Also please guide me about tk, can we make GUI based applications... (4 Replies)
Discussion started by: sarbjit
4 Replies
6. Shell Programming and Scripting
I have a question on perl/Tcl script execution ....
right now i have both perl and Tcl script working individually standalone but i want to integrate the perl script in a Tcl script .... and the perl has the arguments to be passed along with command line execution and this argument is actually... (0 Replies)
Discussion started by: sukrish
0 Replies
7. Shell Programming and Scripting
Hi all,
I am trying to run a tcl script in a perl script.
Now my problem is when I run the tcl script from the perl script it runs very slowly but when I run the tcl script individually it is running at expected speed.
What could be the problem??
Help please!!!!
Thanks (0 Replies)
Discussion started by: mirock
0 Replies
8. Shell Programming and Scripting
I needed some help in adding a duration (in seconds) to a start time (in hhmmss format) and a start date (in mmddyy format) in order to get an end date and end time. The concept of a leap year is also to be considered while incrementing the day. The code/ function that I have formed so far is as... (3 Replies)
Discussion started by: codehelp04
3 Replies
9. Shell Programming and Scripting
Hi everyone,
I'm new to the forums, as you can probably tell... I'm also pretty new to scripting and writing any type of code.
I needed to know exactly how I can grep for multiple strings, in files located in one directory, but I need each string to output to a separate file.
So I'd... (19 Replies)
Discussion started by: LDHB2012
19 Replies
10. Shell Programming and Scripting
My logs aren't correct. Im trying to log failure and successes, then use the resulting successes file "seed" to perform another function. Problem is that the log has only a single random entry.
Thanks in advance for the help !
!#/usr/bin/expect
set count 0
set bcount 0
set fcnb 923... (0 Replies)
Discussion started by: sumguy
0 Replies
LEARN ABOUT DEBIAN
shorewall-exclusion
SHOREWALL-EXCLUSION(5) [FIXME: manual] SHOREWALL-EXCLUSION(5)
NAME
exclusion - Exclude a set of hosts from a definition in a shorewall configuration file.
SYNOPSIS
!address-or-range[,address-or-range]...
!zone-name[,zone-name]...
DESCRIPTION
The first form of exclusion is used when you wish to exclude one or more addresses from a definition. An exclaimation point is followed by
a comma-separated list of addresses. The addresses may be single host addresses (e.g., 192.168.1.4) or they may be network addresses in
CIDR format (e.g., 192.168.1.0/24). If your kernel and iptables include iprange support, you may also specify ranges of ip addresses of the
form lowaddress-highaddress
No embedded whitespace is allowed.
Exclusion can appear after a list of addresses and/or address ranges. In that case, the final list of address is formed by taking the first
list and then removing the addresses defined in the exclusion.
Beginning in Shorewall 4.4.13, the second form of exclusion is allowed after all and any in the SOURCE and DEST columns of
/etc/shorewall/rules. It allows you to omit arbitrary zones from the list generated by those key words.
Warning
If you omit a sub-zone and there is an explicit or explicit CONTINUE policy, a connection to/from that zone can still be matched by the
rule generated for a parent zone.
For example:
/etc/shorewall/zones:
#ZONE TYPE
z1 ip
z2:z1 ip
...
/etc/shorewall/policy:
#SOURCE DEST POLICY
z1 net CONTINUE
z2 net REJECT
/etc/shorewall/rules:
#ACTION SOURCE DEST PROTO DEST
# PORT(S)
ACCEPT all!z2 net tcp 22
In this case, SSH connections from z2 to net will be accepted by the generated z1 to net ACCEPT rule.
In most contexts, ipset names can be used as an address-or-range. Beginning with Shorewall 4.4.14, ipset lists enclosed in +[...] may also
be included (see shorewall-ipsets[1] (5)). The semantics of these lists when used in an exclusion are as follows:
o !+[set1,set2,...setN] produces a packet match if the packet does not match at least one of the sets. In other words, it is like NOT
match set1 OR NOT match set2 ... OR NOT match setN.
o +[!set1,!set2,...!setN] produces a packet match if the packet does not match any of the sets. In other words, it is like NOT match set1
AND NOT match set2 ... AND NOT match setN.
EXAMPLES
Example 1 - All IPv4 addresses except 192.168.3.4
!192.168.3.4
Example 2 - All IPv4 addresses except the network 192.168.1.0/24 and the host 10.2.3.4
!192.168.1.0/24,10.1.3.4
Example 3 - All IPv4 addresses except the range 192.168.1.3-192.168.1.12 and the network 10.0.0.0/8
!192.168.1.3-192.168.1.12,10.0.0.0/8
Example 4 - The network 192.168.1.0/24 except hosts 192.168.1.3 and 192.168.1.9
192.168.1.0/24!192.168.1.3,192.168.1.9
Example 5 - All parent zones except loc
any!loc
FILES
/etc/shorewall/hosts
/etc/shorewall/masq
/etc/shorewall/rules
/etc/shorewall/tcrules
SEE ALSO
shorewall(8), shorewall-accounting(5), shorewall-actions(5), shorewall-blacklist(5), shorewall-hosts(5), shorewall_interfaces(5),
shorewall-ipsets(5), shorewall-maclist(5), shorewall-masq(5), shorewall-nat(5), shorewall-netmap(5), shorewall-params(5),
shorewall-policy(5), shorewall-providers(5), shorewall-proxyarp(5), shorewall-rtrules(5), shorewall-routestopped(5), shorewall-rules(5),
shorewall.conf(5), shorewall-secmarks(5), shorewall-tcclasses(5), shorewall-tcdevices(5), shorewall-tcrules(5), shorewall-tos(5),
shorewall-tunnels(5), shorewall-zones(5)
NOTES
1. shorewall-ipsets
http://www.shorewall.net/manpages/shorewall-ipsets.html
[FIXME: source] 06/28/2012 SHOREWALL-EXCLUSION(5)