I have servers in a remote location and now I'm setting up some iptables rules for them. This is my final step on my servers, and I need to open only 5 ports. They are
80, 443, 9123, 1985 and 22, and 22 must be enabled for accessing it from my location. So here are the iptables rules I have written. Please review them and tell me whether they are in the correct format for opening those 5 ports; all other ports need to be closed. Protection against DoS attacks is wanted too, and it is also mentioned here; please go through it and give me a solution.
The last line is blocking everything. How can I enable all the above ports and block all others? Is the 6th line right? Please advise.
Only after this do I need to configure fail2ban.
Last edited by DukeNuke2; 08-01-2013 at 01:08 PM..
Hi All,
Suddenly, I don't know what happened to Red Hat Linux 7.2: when any program is started, it isn't listed when using ps -ef.
Ex: ./xyz, this xyz program's PID is not showing in ps -ef.
Please let me know what the reason for this is.
Thanks a lot in advance
Bache (7 Replies)
Hi,
I have a shell script. It will take a 7-digit number from each line and add it to the 7-digit numbers on the subsequent lines (normal addition).
Eg:
0000001
0000220
0001235
0000022
0000023
...........
.........
........
Like this, I have around 1500000 records. After adding... (23 Replies)
In Linux (CentOS, Red Hat), is there a way to have the banner statement appear before the logon instead of after the logon? In UNIX and Windows the banner appears before a person actually logs on; what I'm seeing in Linux is that it appears after the login (ftp, telnet, SSH).
Thanks (0 Replies)
I want to copy a large number of files, approximately more than 20,000, from one file system to another file system, but it gives me an error like:
#cd /opt/appserver/images
#cp * /opt/appserver02/public/images
Argument list is too long
The above-mentioned error also appears again when I run:
... (1 Reply)
Hello everyone, I'm in need of some assistance. I'm currently enrolled in an introductory UNIX shell programming course and, well halfway through the semester, we are receiving our first actual assignment. I've somewhat realized now that I've fallen behind, and I'm working to get caught up, but for... (1 Reply)
Hi All,
I am using the script below, which has an awk command, but it is not returning the expected result. Can someone please help me correct the command?
The script below, sample.ksh, should give the result if the value of the last 4 digits in the variable NM matches the value of the variable DAT. The... (7 Replies)
Hi all,
I'm trying to set up a virtual machine to act as a Windows host firewall.
The basic idea is that the guest OS is configured on a sub with a router and the host is configured on another sub with the guest.
I found this ancient iptables script and I did some minor mods to fit my network... (0 Replies)
Hi,
When I am trying the script below,
assume that the values below are taken in the code:
#!/bin/ksh
if
then
echo usage: aNlist.sh QMGR NAME MQREQ
fi
NL=`echo 'dis qmgr'|runmqsc $1|grep REPOSNL|sed 's/.*REPOSNL\(.*\).*/\1/' |cut -d'(' -f2|cut -d')' -f1`
echo 'define nl('$NL_$2')... (25 Replies)
Hi All,
I have a small query about getting the character count.
I tried with wc -c and wc -m, but it has not returned the correct result.
For example:
wc -c
wc -m
echo "Name" | wc -c
result: 5, but actually it should have returned 4
Help me on this to get the correct one.
Thanks!
----------... (4 Replies)
Discussion started by: siva.pitchai
4 Replies
iptables-xml
IPTABLES-XML(8)                                                IPTABLES-XML(8)
NAME
iptables-xml -- Convert iptables-save format to XML
SYNOPSIS
iptables-xml [-c] [-v]
DESCRIPTION
iptables-xml is used to convert the output of iptables-save into an easily manipulatable XML format to STDOUT. Use I/O-redirection
provided by your shell to write to a file.
-c, --combine
combine consecutive rules with the same matches but different targets. iptables does not currently support more than one target per
match, so this simulates that by collecting the targets from consecutive iptables rules into one action tag, but only when the rule
matches are identical. Terminating actions like RETURN, DROP, ACCEPT and QUEUE are not combined with subsequent targets.
-v, --verbose
Output XML comments containing the iptables line from which the XML is derived.
iptables-xml does a mechanistic conversion to a very expressive XML format; the only semantic considerations are for -g and -j targets, in
order to discriminate between <call>, <goto> and <name-of-target>, as it helps XML processing scripts if they can tell the difference between
a target like SNAT and another chain.
Some sample output is:
<iptables-rules>
  <table name="mangle">
    <chain name="PREROUTING" policy="ACCEPT" packet-count="63436" byte-count="7137573">
      <rule>
        <conditions>
          <match>
            <p>tcp</p>
          </match>
          <tcp>
            <sport>8443</sport>
          </tcp>
        </conditions>
        <actions>
          <call>
            <check_ip/>
          </call>
          <ACCEPT/>
        </actions>
      </rule>
    </chain>
  </table>
</iptables-rules>
Conversion from XML to iptables-save format may be done using the iptables.xslt script and xsltproc, or a custom program using libxsltproc
or similar; in this fashion:
xsltproc iptables.xslt my-iptables.xml | iptables-restore
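An added example, not part of the man page or the iptables project: a Python audit of iptables-xml output that checks one chain against the "default DROP, only ports 22, 80, 443, 1985 and 9123 open" goal from the forum post above. The dump is constructed, and the `<dport>` tag and the `audit_chain` helper are assumptions modelled on the `<sport>` sample output shown above.

```python
import xml.etree.ElementTree as ET

# Constructed dump in the shape of the man page's sample output (not captured
# from a real host). The <dport> tag is assumed by analogy with <sport> there.
SAMPLE = """<iptables-rules>
  <table name="filter">
    <chain name="INPUT" policy="DROP" packet-count="0" byte-count="0">
      <rule><conditions><match><p>tcp</p></match><tcp><dport>22</dport></tcp></conditions>
        <actions><ACCEPT/></actions></rule>
      <rule><conditions><match><p>tcp</p></match><tcp><dport>443</dport></tcp></conditions>
        <actions><ACCEPT/></actions></rule>
      <rule><conditions><match><p>tcp</p></match><tcp><dport>3306</dport></tcp></conditions>
        <actions><ACCEPT/></actions></rule>
    </chain>
    <chain name="FORWARD" policy="ACCEPT" packet-count="0" byte-count="0"/>
  </table>
</iptables-rules>"""

ALLOWED = {22, 80, 443, 1985, 9123}  # the five ports named in the post above


def audit_chain(xml_text, allowed, table="filter", chain="INPUT"):
    """List deviations from 'default DROP, ACCEPT only on allowed tcp dports'."""
    root = ET.fromstring(xml_text)
    ch = root.find(f"./table[@name='{table}']/chain[@name='{chain}']")
    if ch is None:
        return [f"{chain}: chain not present in dump"]
    findings = []
    if ch.get("policy") != "DROP":
        findings.append(f"{chain}: default policy is {ch.get('policy')}, not DROP")
    for n, rule in enumerate(ch.findall("rule"), start=1):
        if rule.find("./actions/ACCEPT") is None:
            continue  # only rules that let traffic in are of interest
        cond = rule.find("conditions")
        if cond is None or len(cond) == 0:
            findings.append(f"{chain} rule {n}: unconditional ACCEPT")
            continue
        for dport in cond.findall("./tcp/dport"):
            port = (dport.text or "").strip()
            # Ranges such as 8000:9000 are not a single allowed port, so flag them.
            if not port.isdigit() or int(port) not in allowed:
                findings.append(f"{chain} rule {n}: ACCEPT on tcp dport {port} not in allow-list")
    return findings


if __name__ == "__main__":
    for chain in ("INPUT", "FORWARD"):
        for finding in audit_chain(SAMPLE, ALLOWED, chain=chain):
            print(finding)
```

The rule numbers in the findings follow the order of the `<rule>` elements in the dump, which is the order in which iptables evaluates them.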
BUGS
None known as of iptables-1.3.7 release
AUTHOR
Sam Liddicott <azez@ufomechanic.net>
SEE ALSO
iptables-save(8), iptables-restore(8), iptables(8)
Jul 16, 2007 IPTABLES-XML(8)