04-25-2013
iptables can do lots of fun things with sources, destinations, routes, types, and to a limited extent stateful things like simple detection of some protocols but I don't think it's good for this depth of packet content reading. It's just a firewall in the end.
This User Gave Thanks to Corona688 For This Post:
9 More Discussions You Might Find Interesting
1. UNIX Desktop Questions & Answers
Hey all,
I'm brand new to Unix/Linux and have a couple of questions. I own a small education/consulting company that has a staff of approx. 50 employees. Most our work is geared towards the office-style environment (i.e. Word, Excel, Powerpoint, etc.). There are also some C and Java programmers... (4 Replies)
Discussion started by: dennie1
4 Replies
2. Solaris
Ladies/Gentlemen,
I am looking for a web-based tool to keep track of my Sun inventory. The following list of fields are fields I would like to store: Root Passwd (needs to be secure) / Hostid / Console Port / IP Address / Platform / Application / Hostname . . . you get the point.
Do any of... (4 Replies)
Discussion started by: pc9456
4 Replies
3. Post Here to Contact Site Administrators and Moderators
Hi,
I am new at this site and at unix. I was reading some answers that the administrators and moderators have posted to others, and sometimes I feel like their a little sarcastic.
I am asking just to be patient to me, I know nothing about unix but I do want to learn, and I think that positive... (7 Replies)
Discussion started by: HN19
7 Replies
4. UNIX for Dummies Questions & Answers
i'm trying to figure out a script that uses sed, and i'm not totally sure if it does what I think it does.
The script...
- takes in 3 inputs, $1, $2 are names. $3 is a file.
- filename is a file.
Here is what I'm trying to figure out:
cat $3 | grep "id17" > var2
sed "s|@@.*||g" var2 >... (1 Reply)
Discussion started by: gammaman
1 Replies
5. UNIX for Dummies Questions & Answers
Hello,
I get the following in one of my error logs:
Device /dev/sda, SATA disks accessed
via libata are not currently supported by smartmontools. When libata is
given an ATA
pass-thru ioctl() then an additional '-d libata' device type will be
added to smartmontools.
---------------
I... (0 Replies)
Discussion started by: mojoman
0 Replies
6. UNIX and Linux Applications
Hello,
I get the following in one of my error logs:
Device /dev/sda, SATA disks accessed
via libata are not currently supported by smartmontools. When libata is
given an ATA
pass-thru ioctl() then an additional '-d libata' device type will be
added to smartmontools.
---------------
... (1 Reply)
Discussion started by: mojoman
1 Replies
7. UNIX for Advanced & Expert Users
This perhaps does not belong in ths category; apologies, however, we have a heated debate going and your input will decide the result.
Should UNIX (HP, AIX, etc) be rebooted following a monthly cycle (Every month, or a qtr, etc.). We have some UX admins (grumps) who say they have seen a UX... (6 Replies)
Discussion started by: rsheikh
6 Replies
8. What is on Your Mind?
Dear Forum staff / Advisors / members ,
I am having something in my mind, about Linux / Unix possible Interview questions collections, I guess if I post them here,which might be useful for our members and for students, and in meantime we can discuss also about those questions, what's your... (4 Replies)
Discussion started by: Akshay Hegde
4 Replies
9. Android
Please disregard this post (0 Replies)
Discussion started by: johnnybopper
0 Replies
FGADM(8) System Manager's Manual FGADM(8)
NAME
fgadm - filtergen command program
SYNOPSIS
fgadm [ check | reload | save | stop ]
DESCRIPTION
fgadm is a simple command interface for managing filtergen(8) based packet filters.
USAGE
fgadm can be used to stop existing filters (thus turning them off), reload new packet filters, save currently running filters for
longevity, and to check filter scripts for errors before reloading.
The following commands are accepted by fgadm:
check Check the filter script /etc/filtergen/rules.filter for errors. The generated filter will be printed on standard output, and errors
printed to standard error.
reload Replace the current live packet filter with the one in /etc/filtergen/rules.filter. The script will be tested for errors before
reloading.
save The current live packet filter will be saved in a distribution-friendly way. On Red Hat systems, this will save the iptables or
ipchains firewall that is currently loaded into the kernel to load at boot with the iptables or ipchains initscript.
stop This command will flush the current live packet filter out and put it in a default accept mode, thus no firewalling will be in
place. This is useful to abort firewalls in an emergency.
EXAMPLES
One may find the following sequence of commands useful for making firewall changes on live servers:
# at now + 2 min
warning: commands will be executed using (in order) a) $SHELL b) login shell c) /bin/sh
at> fgadm stop
at> ^D<EOT>
job 53 at 2004-06-07 17:25
# fgadm check
# fgadm reload
# atq
53
# atrm 53
# fgadm save
FILES
/etc/filtergen/rules.filter
Packet filter descriptions are read from this file when fgadm is used.
/etc/filtergen/fgadm.conf
This file alters the behaviour of filtergen as called from fgadm.
BUGS
fgadm save does not work on Debian systems with iptables due to a lack of common sense in the iptables package.
SEE ALSO
filtergen(8), filter_syntax(5), filter_backends(5)
AUTHOR
fgadm was written by Jamie Wilkinson <jaq@spacepants.org> for the filtergen package, to ease maintenance of filtergen-based firewalls.
June 7, 2004 FGADM(8)