10-07-2008
Adding new iptables
Hi, I basically want to create a shell script that reads in the /etc/sysconfig/iptables. When it sees the line "-A INPUT -j REJECT --reject-with icmp-host-prohibited" it will create a new line before it and add in the line from another file which will have "-A INPUT -p udp -m udp --dport 27020 -j ACCEPT"
So it will look like:
# Firewall configuration written by system-config-firewall
# Manual customization of this file is not recommended.
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
-A INPUT -p icmp -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -p udp -m udp --dport 27020 -j ACCEPT
-A INPUT -j REJECT --reject-with icmp-host-prohibited
-A FORWARD -j REJECT --reject-with icmp-host-prohibited
COMMIT
Last edited by SpaceY; 10-07-2008 at 01:28 PM..
10 More Discussions You Might Find Interesting
1. UNIX for Dummies Questions & Answers
I am adding a new HDD to a Unix Sco Release 5 webserver.
I consider myself a windows pro. However, growing up in the late 90's means I have little Unix knowledge. I know the HDD has to be mounted and formatted correctly. Can anyone give me any advice on this?
A dummy's guide to installing a... (5 Replies)
Discussion started by: jeffreydavisjr
5 Replies
2. UNIX for Advanced & Expert Users
Hi
I am comparing two files, 100th column have formatting issue
i mean 1 file have scale 4 and anothe file scale 2 ,if scale 2 need to add two zeros.Please any idea how to add two zers to 100th coulmn if scale is 2
file 1
.................1234.2000
file2
................1234.20
... (3 Replies)
Discussion started by: mohan705
3 Replies
3. UNIX for Dummies Questions & Answers
Hi All
i need a add recored like
DateOfDU2=245,Time=00326 (in milli secounds )
DateOfDU2=245,Time=00347
DateOfDU2=245,Time=00258
DateOfDU2=246,Time=00325
DateOfDU2=246,Time=00408
DateOfDU2=246,Time=00257
DateOfDU2=247,Time=00037
DateOfDU2=247,Time=00417
DateOfDU2=247,Time=00420... (1 Reply)
Discussion started by: nalakaatslt
1 Replies
4. Shell Programming and Scripting
I need some help with adding lines to file and substitute a pattern.
Ok I have a file:
#cat names.txt
name: John Doe
stationed: 1
name: Michael Sweets
stationed: 41
.
.
.
And would like to change it to:
name: John Doe
employed
permanently
stationed: 1-office (7 Replies)
Discussion started by: hemo21
7 Replies
5. Shell Programming and Scripting
Hello,
I have a main file with IP addresses like this:
Erisim var,100,172.17.241.5,4006,60,IS0799,TCP/IP
Erisim var,1003,172.17.140.4,4004,60,IS2156,TCP/IP
Erisim var,1004,172.17.140.5,4002,60,IS2636,TCP/IP
Erisim var,1005,172.17.140.5,4004,60,IS2436,TCP/IP
Erisim... (8 Replies)
Discussion started by: Spunkerspawn
8 Replies
6. Shell Programming and Scripting
Hi.
I have a for loop that I use to extract integer values in a shell script (ksh). Now, I would like to add the values. My preference, from my c programming days, would be to do something like the commented out line below in the for loop. However, this is not recognised. So I use the line... (2 Replies)
Discussion started by: mikem22
2 Replies
7. AIX
Hi Admins,
I was told to add new ip,mask and gateway to my 3rd nic.so i prepared a plan doing the same via smitty. now i need to know do i plumb and unplumb before adding ip.
plz suggest
Regards
newaix (1 Reply)
Discussion started by: newaix
1 Replies
8. Shell Programming and Scripting
Hello,
suppose I have a file that consists of a single column of various numbers, as in
12.010
1.0080
1.0080
0.8780
0.1350
0.0000
-0.4157
0.2719
How can I use AWK (or equivalent) to add the numbers of two specific lines? I want to sum, for example, the first with the fifth, the second... (4 Replies)
Discussion started by: Leo_Boon
4 Replies
9. UNIX for Dummies Questions & Answers
my shell script:
#!/bin/ksh
date +%d > /tmp/day.log
day=`tail /tmp/day.log`
############################
for example:
date +%d shows me 05
i want to add 14 days to 05 into my above script.
bc
5+15
19
but i am not sure how to put into above script. (5 Replies)
Discussion started by: lawsongeek
5 Replies
10. UNIX for Beginners Questions & Answers
I have an array in an external file, "array.txt", which contains:
char *testarray={"Zero", "One", "Two", "Three", "Four", "Five", "Six", "Seven", "Eight", "Nine"};I want to be able to add an element to this array, and have that element display, whenever I call it, without having to recompile... (29 Replies)
Discussion started by: ignatius
29 Replies
LEARN ABOUT DEBIAN
shorewall-maclist
SHOREWALL-MACLIST(5) [FIXME: manual] SHOREWALL-MACLIST(5)
NAME
maclist - Shorewall MAC Verification file
SYNOPSIS
/etc/shorewall/maclist
DESCRIPTION
This file is used to define the MAC addresses and optionally their associated IP addresses to be allowed to use the specified interface.
The feature is enabled by using the maclist option in the shorewall-interfaces[1](5) or shorewall-hosts[2](5) configuration file.
The columns in the file are as follows (where the column name is followed by a different name in parentheses, the different name is used in
the alternate specification syntax).
DISPOSITION - {ACCEPT|DROP|REJECT}[:log-level]
ACCEPT or DROP (if MACLIST_TABLE=filter in shorewall.conf[3](5), then REJECT is also allowed). If specified, the log-level causes
packets matching the rule to be logged at that level.
INTERFACE - interface
Network interface to a host.
MAC - address
MAC address of the host -- you do not need to use the Shorewall format for MAC addresses here. If IP ADDRESSESES is supplied then MAC
can be supplied as a dash (-)
IP ADDRESSES (addresses) - [address[,address]...]
Optional - if specified, both the MAC and IP address must match. This column can contain a comma-separated list of host and/or subnet
addresses. If your kernel and iptables have iprange match support then IP address ranges are also allowed. Similarly, if your kernel
and iptables include ipset support than set names (prefixed by "+") are also allowed.
FILES
/etc/shorewall/maclist
SEE ALSO
http://shorewall.net/MAC_Validation.html
http://shorewall.net/configuration_file_basics.htm#Pairs
shorewall(8), shorewall-accounting(5), shorewall-actions(5), shorewall-blacklist(5), shorewall-hosts(5), shorewall_interfaces(5),
shorewall-ipsets(5), shorewall-masq(5), shorewall-nat(5), shorewall-netmap(5), shorewall-params(5), shorewall-policy(5),
shorewall-providers(5), shorewall-proxyarp(5), shorewall-rtrules(5), shorewall-routestopped(5), shorewall-rules(5), shorewall.conf(5),
shorewall-secmarks(5), shorewall-tcclasses(5), shorewall-tcdevices(5), shorewall-tcrules(5), shorewall-tos(5), shorewall-tunnels(5),
shorewall-zones(5)
NOTES
1. shorewall-interfaces
http://www.shorewall.net/manpages/shorewall-interfaces.html
2. shorewall-hosts
http://www.shorewall.net/manpages/shorewall-hosts.html
3. shorewall.conf
http://www.shorewall.net/manpages/shorewall.conf.html
[FIXME: source] 06/28/2012 SHOREWALL-MACLIST(5)