Back everyone, with, I'm hoping, a rather simple answer to my question.
Been wrapping my head around IPTables for 2 weeks now, and finally have been able to get a few rules the way I like.
However, I am confused on a few things. Let me explain.
Currently working with Fedora Core 3.
Now, adding rules via the command line is simple enough. Saving the rules is just a matter of:
service iptables save
Which saves the rules to a file: /etc/sysconfig/iptables
Now, where I am a bit lost is in the use of variables. For instance, I am going to be setting up a multi-homed firewall with iptables. It will use a DMZ and private LAN. With that, I need to somehow specify the interfaces and IP address for each one in my rules somehow. But I'm confused.
So how does one actually add variables to my rulesets? Can it be done via the command line? Can I edit /etc/init/iptables? Or maybe edit /etc/sysconfig/iptables?
I'm just confused on how to put in my variables for IPTables to use.
If it calls for scripting, boy, I need to break out the books. It's been a while.
Don't touch the "/etc/sysconfig/iptables" or "/etc/init.d/iptables" files unless you know what you're doing. You can create a simple script, then save the changes to the appropriate files.
The script can be placed anywhere on your system as a standard file, then do "chmod +x scriptname" to make it executable.
It can be executed by "./scriptname" or "/directory/names/scriptname". You can't simply type "scriptname" if you're in the same directory.
The variables are used inside the script where you would want to use a certain value more than once, so if you used "eth0" a few times your script might look like:
# EXAMPLE ONLY
INT_DEV="eth0"   # set the interface name once, reuse it below
iptables -A INPUT -i "$INT_DEV" -j LOG
iptables -A INPUT -i "$INT_DEV" -j ACCEPT
This just saves you having to type "eth0" in all of your commands. It doesn't matter which way you do it; however, using variables and assigning values allows the script to be adjusted easily if you make any changes to your networking configuration.
Remember, basic shell scripting is just adding a bunch of commands into a file that you can simply type at the command prompt one after the other, it just automates it.
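
The variable approach from the reply, carried through to the multi-homed DMZ/LAN layout the question describes. This is an added example, not part of the original thread. The interface names, subnets, the DMZ web server address and the ipt/build_rules helper names are all assumptions, and only the filter table is covered (NAT is left out).

```shell
#!/bin/sh
# Added example: shell variables in an iptables script for a three-legged firewall.
# Every interface name and address below is an assumption; edit to match your box.
WAN_IF="eth0"               # Internet-facing interface
DMZ_IF="eth1"               # DMZ interface
DMZ_NET="192.168.10.0/24"   # DMZ subnet
LAN_IF="eth2"               # private LAN interface
LAN_NET="192.168.20.0/24"   # private LAN subnet
DMZ_WEB="192.168.10.10"     # hypothetical web server in the DMZ

# DRY_RUN=1 (default) prints each command instead of running it, so the
# ruleset can be reviewed without root and without touching the live firewall.
DRY_RUN="${DRY_RUN:-1}"
ipt() {
    if [ "$DRY_RUN" = "1" ]; then echo "iptables $*"; else iptables "$@"; fi
}

build_rules() {
    # Start clean and drop anything that is not explicitly allowed.
    ipt -F
    ipt -P INPUT DROP
    ipt -P FORWARD DROP
    ipt -P OUTPUT ACCEPT

    # Loopback, plus replies to connections that were already allowed.
    ipt -A INPUT -i lo -j ACCEPT
    ipt -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
    ipt -A FORWARD -m state --state ESTABLISHED,RELATED -j ACCEPT

    # LAN may manage the firewall over SSH and reach the Internet and the DMZ.
    ipt -A INPUT -i "$LAN_IF" -s "$LAN_NET" -p tcp --dport 22 -j ACCEPT
    ipt -A FORWARD -i "$LAN_IF" -s "$LAN_NET" -o "$WAN_IF" -j ACCEPT
    ipt -A FORWARD -i "$LAN_IF" -s "$LAN_NET" -o "$DMZ_IF" -j ACCEPT

    # The Internet may reach only the DMZ web server, only on port 80.
    ipt -A FORWARD -i "$WAN_IF" -o "$DMZ_IF" -d "$DMZ_WEB" -p tcp --dport 80 -j ACCEPT

    # DMZ hosts may go out, but there is no rule letting them open connections to the LAN.
    ipt -A FORWARD -i "$DMZ_IF" -s "$DMZ_NET" -o "$WAN_IF" -j ACCEPT

    # Log whatever falls through to the FORWARD DROP policy.
    ipt -A FORWARD -j LOG --log-prefix "FWD-DROP: "
}

build_rules
```

Once the printed rules look right, run the script as root with DRY_RUN=0 and then use "service iptables save" to write the result to /etc/sysconfig/iptables. Note that SSH to the firewall is accepted only from the LAN side, so apply it from a LAN host or the console.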