Koozali.org: home of the SME Server

alternative iptables script for you all

hanscees

« on: May 23, 2003, 03:26:20 AM »
Hi,

At http://www.hanscees.net/iptables5 you can find the iptables script I use for the esmith 5.6 as server/gateway. It was made because I want to know what is logged and where. It does extensive logging of connections from the internal LAN.

Please feel free to use and improve it. Please let me know of mistakes and if you use it.

Greetings,

Hans-Cees

Anthony de Waal

Re: alternative iptables script for you all
« Reply #1 on: May 26, 2003, 02:05:27 AM »
Hi,
I would like to try it, but have not yet found out how the built-in firewall from e-smith works, more specifically: how can I turn it off and replace it with this one?
Kind greetings,
Thony

hanscees

Re: alternative iptables script for you all
« Reply #2 on: May 27, 2003, 12:58:41 AM »
Hi,

What I do is add it to /etc/rc.d/rc.local and place it wherever you like.

I copied /etc/rc.d/init.d/iptables to iptables5 and then changed that script.

I also re-run it every 15 minutes (if something happens to iptables it will get refreshed in 15 minutes, which flushes all chains) by adding it to crontab
/etc/crontab

and the templates of crontab:
/etc/e-smith/templates/etc/crontab/....

You could also replace the /etc/rc.d/init.d script with it, but you must also find the template. I do not like replacing such scripts since after an upgrade your script will likely be gone.

hc