04-25-2013
iptables can do lots of fun things with sources, destinations, routes, types, and to a limited extent stateful things like simple detection of some protocols but I don't think it's good for this depth of packet content reading. It's just a firewall in the end.
This User Gave Thanks to Corona688 For This Post:
9 More Discussions You Might Find Interesting
1. UNIX Desktop Questions & Answers
Hey all,
I'm brand new to Unix/Linux and have a couple of questions. I own a small education/consulting company that has a staff of approx. 50 employees. Most our work is geared towards the office-style environment (i.e. Word, Excel, Powerpoint, etc.). There are also some C and Java programmers... (4 Replies)
Discussion started by: dennie1
4 Replies
2. Solaris
Ladies/Gentlemen,
I am looking for a web-based tool to keep track of my Sun inventory. The following list of fields are fields I would like to store: Root Passwd (needs to be secure) / Hostid / Console Port / IP Address / Platform / Application / Hostname . . . you get the point.
Do any of... (4 Replies)
Discussion started by: pc9456
4 Replies
3. Post Here to Contact Site Administrators and Moderators
Hi,
I am new at this site and at unix. I was reading some answers that the administrators and moderators have posted to others, and sometimes I feel like their a little sarcastic.
I am asking just to be patient to me, I know nothing about unix but I do want to learn, and I think that positive... (7 Replies)
Discussion started by: HN19
7 Replies
4. UNIX for Dummies Questions & Answers
i'm trying to figure out a script that uses sed, and i'm not totally sure if it does what I think it does.
The script...
- takes in 3 inputs, $1, $2 are names. $3 is a file.
- filename is a file.
Here is what I'm trying to figure out:
cat $3 | grep "id17" > var2
sed "s|@@.*||g" var2 >... (1 Reply)
Discussion started by: gammaman
1 Replies
5. UNIX for Dummies Questions & Answers
Hello,
I get the following in one of my error logs:
Device /dev/sda, SATA disks accessed
via libata are not currently supported by smartmontools. When libata is
given an ATA
pass-thru ioctl() then an additional '-d libata' device type will be
added to smartmontools.
---------------
I... (0 Replies)
Discussion started by: mojoman
0 Replies
6. UNIX and Linux Applications
Hello,
I get the following in one of my error logs:
Device /dev/sda, SATA disks accessed
via libata are not currently supported by smartmontools. When libata is
given an ATA
pass-thru ioctl() then an additional '-d libata' device type will be
added to smartmontools.
---------------
... (1 Reply)
Discussion started by: mojoman
1 Replies
7. UNIX for Advanced & Expert Users
This perhaps does not belong in ths category; apologies, however, we have a heated debate going and your input will decide the result.
Should UNIX (HP, AIX, etc) be rebooted following a monthly cycle (Every month, or a qtr, etc.). We have some UX admins (grumps) who say they have seen a UX... (6 Replies)
Discussion started by: rsheikh
6 Replies
8. What is on Your Mind?
Dear Forum staff / Advisors / members ,
I am having something in my mind, about Linux / Unix possible Interview questions collections, I guess if I post them here,which might be useful for our members and for students, and in meantime we can discuss also about those questions, what's your... (4 Replies)
Discussion started by: Akshay Hegde
4 Replies
9. Android
Please disregard this post (0 Replies)
Discussion started by: johnnybopper
0 Replies
LEARN ABOUT DEBIAN
arno-iptables-firewall
ARNO-IPTABLES-FIREWALL(8) ARNO-IPTABLES-FIREWALL(8)
NAME
arno-iptables-firewall - Single- & multi-homed firewall script with DSL/ADSL support.
SYNOPSIS
/etc/init.d/arno-iptables-firewall [start|stop|status|force-reload|restart]
DESCRIPTION
arno-iptables-firewall is an iptables configuration script with support for both IPv4 & IPv6. While it is extremely easy to use one can
nevertheless use it in quite complicated environments.
All available options are explained in the extensively documented configuration file.
The external interface of the system needs to be set up properly in the firewalls configuration file (EXT_IF). The default behavior of the
firewall is to deny all incoming connections.
For additional requirements not covered by the configuration file custom iptables rules can be placed in /etc/arno-iptables-firewall/cus-
tom-rules. This file is automatically parsed by the service script.
See the README file (eg. in /usr/(local/)share/doc/arno-iptables-firewall) for an example how to manage logging of firewall events through
syslogd.
The arno-fwfilter script can be used to make the firewall logs more readable for humans (see manpage).
Several plugins for the firewall script are available online. Plugins can be downloaded from http://rocky.eld.leidenuniv.nl/ Please see the
README file for more information.
FILES
/etc/init.d/arno-iptables-firewall system service script
/etc/arno-iptables-firewall/firewall.conf firewall configuration
/etc/arno-iptables-firewall/conf.d/ firewall configuration directory
/etc/arno-iptables-firewall/custom-rules custom iptables rules
/etc/arno-iptables-firewall/blocked-hosts host blacklist
/etc/arno-iptables-firewall/mac-addresses mac filter list
Please note, that the last two files do exist in the initial configuration and their use is disabled in /etc/arno-iptables-firewall/fire-
wall.conf
SEE ALSO
iptables(8), arno-fwfilter(1), syslog.conf(5)
The http://rocky.eld.leidenuniv.nl/ web site.
AUTHOR
arno-iptables-firewall was written by Arno van Amersfoort <arnova@rocky.eld.leidenuniv.nl>.
This manual page was written by Michael Hanke <michael.hanke@gmail.com>, for the Debian project (but may be used by others).
Michael Hanke March 14, 2012 ARNO-IPTABLES-FIREWALL(8)