Topic: iptables

[bhairav]

is there any web based interface for firewall rules for the SME server 5.6 which uses iptables
thanks for help in advance

[Anonymous]

Yes, take a look at : http://no.longer.valid/mylinks/viewcat.php?op=&cid=123 and e-smith-masq-manager.

But I still develop it.
Actually i just implement icmp and antispoofing rules.

There is a HowTo in HowTo section.

[Muzo]

Doh! I forgot to login

But i have a request :
Have anybody make (build?) iptables with mod_string for SME 5.6 or 6.0?

[bhairav]

thanks the rpm does the work but what modification does i have to do in
/etc/e-smith/web/functions/firewall if i want to put source as well as destination address in rule and also can i combine the e-smith-portforwarding rpm to this one
thanks

[Muzo]

What do you mean?

You want to merge in a simple RPM, portforwarding contrib and masq-manager?

(I hope i understand your idea)
Portforwarding and masq-manager contribs are based on e-smith-packetfilter-1.13.0-04.noarch.rpm. So you can use twice. That's why I said in readme file, I didn't add a potforwarding pannel, because that's job is done.

In conclusion, e-smith-masq-manager-0.*-*.noarch.rpm and e-smith-portforwarding-0.*.0-*.noarch.rpm work fine together.

Have I answer correctly?

[bhairav]

i have just tried to mix both of them, i have installed both and redirect ur link for port rules to the port-forward, port-open and deny port and it works but i have some problems i will solve them soon and thanks for the help

[Muzo]

You're welcome

[bhairav]

i can not see the filter string rule link in the server manager panel of e-smith-masq-manager is it a bug or problem in my computer can u tell me if its a bug how to solve this, i have edited the /usr/lib/perl5/site_perl/esmith/Formmagick/Panels/firewall.pm and add a link at line 104 but it nod display the filter string rule page why???

[Muzo]

It's because mod_string isn't compiled on SME (5.6 and 6.0), and you can't use it. So I removed it.
But, all functions exists, there are just disabled in firewall panel. But I think (in the early morning it's hard to think) I removed all things about strings in panel. I must take a look to my own "still in developpement" manager.

Have your rebuild an netfilter iptables with mod_string for SME? If yes, i'm very interested  

[bhairav]

i can do the compilation for u but tell me that wheather i have to compile iptables in SME 5.6 or 6.0 or compile it on redhat linux 7.3 if in linux what r the SME packages i have to install in linux

[Muzo]

i can do the compilation for u but tell me that wheather i have to compile iptables in SME 5.6 or 6.0 or compile it on redhat linux 7.3 if in linux what r the SME packages i have to install in linux

Like you i use SME 5.6, but i have no idea about compiling iptables.  

[bhairav]

i have compiled many things on my SME 5.6 i can compile the iptables-1.2.5-3 on my SME 5.6 box so will it be usable for u if yes then i will compile it and handed over to u

[Muzo]

Oh Yes!! It will be very usable for me and many SME users i think.

Thanks a lot.

So i must update my firewall manager  

[Muzo]

I found an old source of my manager.
I think String panel is enabled.
Take a look : source

[bhairav]

ok i have found that and it is working thanks for that u have helped a lot to me thanks once again.