why would:
along with /etc/hosts.deny rule of
not stop traffic to/from 180.x.x.x, which I still see by running iftop? Or could iftop just be showing an artifact and is there a better way to monitor connections real-time?
I want to block ping on a linuxbox to any other address where it would go to the default gateway.
vmdebianamd64:/etc/tcng# route
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
198.9.200.0 * 255.255.255.0 U 0 ... (1 Reply)
Hi,
I first wanted to install my NIC drivers but it said:
Makefile:62: *** Linux kernel source not found. Stop.
So I installed the kernel source: linux-source-2.6.18_2.6.18.dfsg.1-13etch5_all.deb
1) cd /usr/src
2) -xjvf linux-source.2.6.18.extension (forget what it was)
3) ln -s... (12 Replies)
I faced the following error while configuring the spine for cacti. Can any one help me to sort out this problem:
hecking how to run the C++ preprocessor... g++ -E
checking for g77... g77
checking whether we are using the GNU Fortran 77 compiler... yes
checking whether g77 accepts -g... yes... (1 Reply)
I'm trying to install a new library for php but everytime I run configure I got the following error "lib/cpp" fails sanity check.
My OS is solaris 10
Any help on how to solve this issue would be highly appreciated (3 Replies)
Hi,
i have 40 client's in my network, that connected to internet via
squid server (WebProxy). i want none of these client can't ping my squid server bat squid server can ping them.i wrote these rules but it is'nt work.
iptables -P INPUT DROP
iptables -P OUTPUT DROP
iptables -A INPUT -p... (1 Reply)
I have situation where I have rules in iptables with comments. Now... I can for example enter rule like "iptables -A FORWARD -s xxx -j ACCEPT" and delete it with "iptables -D FORWARD -s xxx -j ACCEPT".. but if that rule contain some random comment (-m comment) then ... ? I can find with scripting... (2 Replies)
I have recently changed jobs and where i used to work we had kerberos. Here they have nothing resembling central password management or Network Authentication. I have started looking at LDAP but wonder if that is a good choice. we have a solaris/centos environment (no windows whoo hooo) with 4... (2 Replies)
IPTABLES-XML(8)IPTABLES-XML(8)NAME
iptables-xml -- Convert iptables-save format to XML
SYNOPSIS
iptables-xml [-c] [-v]
DESCRIPTION
iptables-xml is used to convert the output of iptables-save into an easily manipulatable XML format to STDOUT. Use I/O-redirection pro-
vided by your shell to write to a file.
-c, --combine
combine consecutive rules with the same matches but different targets. iptables does not currently support more than one target per
match, so this simulates that by collecting the targets from consecutive iptables rules into one action tag, but only when the rule
matches are identical. Terminating actions like RETURN, DROP, ACCEPT and QUEUE are not combined with subsequent targets.
-v, --verbose
Output xml comments containing the iptables line from which the XML is derived
iptables-xml does a mechanistic conversion to a very expressive xml format; the only semantic considerations are for -g and -j targets in
order to discriminate between <call> <goto> and <nane-of-target> as it helps xml processing scripts if they can tell the difference between
a target like SNAT and another chain.
Some sample output is:
<iptables-rules>
<table name="mangle">
<chain name="PREROUTING" policy="ACCEPT" packet-count="63436" byte-count="7137573">
<rule>
<conditions>
<match>
<p>tcp</p>
</match>
<tcp>
<sport>8443</sport>
</tcp>
</conditions>
<actions>
<call>
<check_ip/>
</call>
<ACCEPT/>
</actions>
</rule>
</chain>
</table> </iptables-rules>
Conversion from XML to iptables-save format may be done using the iptables.xslt script and xsltproc, or a custom program using libxsltproc
or similar; in this fashion:
xsltproc iptables.xslt my-iptables.xml | iptables-restore
BUGS
None known as of iptables-1.3.7 release
AUTHOR
Sam Liddicott <azez@ufomechanic.net>
SEE ALSO iptables-save(8), iptables-restore(8), iptables(8)
Jul 16, 2007 IPTABLES-XML(8)