(2) The /proc filesystem is virtual filesystem specific to some Operating Systems, such as Linux and Solaris. The entries in there can be written to or read from depending on driver- and kernel-specific settings. If an application checks for /proc/net/ip_tables_name and finds it, it assumes that iptables has been installed. So in answer to your second question, the answer is: no script is responsible; it's done by the relevant module or kernel feature.
(1) If you type
and see no output, then iptables is not installed. If it's not installed, you should not see /proc/net/ip_tables_name. Also grep for "ipchains" just in case you have an older version.
Would it be possible to restrict access to internet pages in the following way?
A machine:
IP = 128.1.17.123
Only pages from domains of the type "go.jp" and "ne.jp" are viewable. All others are not viewable or only partly viewable.
B machine:
IP = 128.1.17.146
Regardless of the domain... (4 Replies)
Hi Gurus,
I am new to UNIX Admin and i am trying to do one software installation.
During installation process, i need to disable the existing firewall settings. I am not much aware about the UNIX Firewall settings.
Can any one help me to find out whether the firewall is ON or not. If it is... (1 Reply)
Dear All
I have put my windows machine behind my centos firewall server with just one NIC. At now, the windows machine can ping 192.9.9.3 but cannot resolve valid url (like www.google.com). I have set DNS for it as well. Can you please let me know what is the missing step?
Thank you (6 Replies)
Hi all Expertise,
I have following issue to solve,
SSL / TLS Renegotiation DoS (low) 222.225.12.13
Ease of Exploitation Moderate
Port 443/tcp
Family Miscellaneous
Following is the problem description:------------------
Description The remote service encrypts traffic using TLS / SSL and... (2 Replies)
Hey Guys,
I am looking for a good firewall software to implement in medium/large office, with at least 150 users.
I was hopping you guys could help me on this one.
Regards, (4 Replies)
Discussion started by: andrevicente
4 Replies
LEARN ABOUT DEBIAN
fwb_iosacl
fwb_pix(1) Firewall Builder fwb_pix(1)NAME
fwb_ipt - Policy compiler for Cisco IOS ACL
SYNOPSIS
fwb_iosacl [-vV] [-d wdir] [-4] [-6] [-i] -f data_file.xml object_name
DESCRIPTION
fwb_iosacl is firewall policy compiler component of Firewall Builder (see fwbuilder(1)). Compiler reads objects definitions and firewall
description from the data file specified with "-f" option and generates resultant Cisco IOS ACL configuration file. The configuration is
written to the file with the name the same as the name of the firewall object, plus extension ".fw". Compiler generates extended access
lists for Cisco routers running IOS v12.x using "ip access-list <name>" syntax. Compiler also generates "ip access-group" commands to
assign access lists to interfaces. Generated ACL configuration can be uploaded to the router manually or using built-in installer in the
fwbuilder(1) GUI.
The data file and the name of the firewall objects must be specified on the command line. Other command line parameters are optional.
OPTIONS -4 Generate iptables script for IPv4 part of the policy. If any rules of the firewall refer to IPv6 addresses, compiler will skip these
rules. Options "-4" and "-6" are exclusive. If neither option is used, compiler tries to generate both parts of the script,
although generation of the IPv6 part is controlled by the option "Enable IPv6 support" in the "IPv6" tab of the firewall object
advanced settings dialog. This option is off by default.
-6 Generate iptables script for IPv6 part of the policy. If any rules of the firewall refer to IPv6 addresses, compiler will skip these
rules.
-f FILE
Specify the name of the data file to be processed.
-d wdir
Specify working directory. Compiler creates file with ACL configuration in this directory. If this parameter is missing, then gen-
erated ACL will be placed in the current working directory.
-v Be verbose: compiler prints diagnostic messages when it works.
-V Print version number and quit.
-i When this option is present, the last argument on the command line is supposed to be firewall object ID rather than its name
URL
Firewall Builder home page is located at the following URL: http://www.fwbuilder.org/
BUGS
Please report bugs using bug tracking system on SourceForge:
http://sourceforge.net/tracker/?group_id=5314&atid=105314
SEE ALSO fwbuilder(1), fwb_pix(1), fwb_ipfw(1), fwb_ipf(1), fwb_ipt(1)fwb_pf(1)FWB fwb_pix(1)