Forward chain

Hey, thanks for this info, it was very useful.

If you also want to add the rules to the FORWARD chain, at line 860 replace this:

        Log.Info(" ... creating jump from INPUT to %s chain" % chain)
        cmd = path + " --append INPUT -j %s" % chain
        (waitstatus, output) = _do_cmd(cmd, dry_run, 0)
        if waitstatus != 0:
            return

with this:

        Log.Info(" ... creating jump from INPUT to %s chain" % chain)
        #cmd = path + " --append INPUT -j %s" % chain
        cmd = path + " --insert INPUT 1 -j %s"  % chain
        (waitstatus, output) = _do_cmd(cmd, dry_run, 0)
        if waitstatus != 0:
            return
        Log.Info(" ... creating jump from FORWARD to %s chain" % chain)
        cmd = path + " --insert FORWARD 1 -j %s"  % chain
        (waitstatus, output) = _do_cmd(cmd, dry_run, 0)
        if waitstatus != 0:
            return

Then refresh your iptables rules and run the blockhosts script again.
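An added example, not part of the comment above and not blockhosts code: one way to make the INPUT and FORWARD jumps safe to re-apply, by asking iptables with `--check` whether the jump already exists before inserting it at position 1. The chain name `blockhosts`, the iptables path, the `ensure_jumps` helper and the `FakeFirewall` stand-in are assumptions made for illustration.

```python
IPTABLES = "/sbin/iptables"  # assumed path; plays the role of `path` in the script
CHAIN = "blockhosts"         # assumed name of the user-defined chain

def ensure_jumps(chain, run, builtins=("INPUT", "FORWARD"), path=IPTABLES):
    """Make sure each built-in chain jumps to `chain` as its first rule.

    `run(argv)` executes one command and returns its exit status. It is
    injected so the logic can be exercised without root; on a real host it
    could be subprocess.call. Returns the chains that needed a new jump.
    """
    added = []
    for builtin in builtins:
        # --check exits 0 only when an identical rule is already present
        if run([path, "--check", builtin, "-j", chain]) == 0:
            continue
        # Position 1 puts the jump ahead of any earlier ACCEPT rule, which
        # would otherwise match first and bypass the blocking chain.
        status = run([path, "--insert", builtin, "1", "-j", chain])
        if status != 0:
            raise RuntimeError("iptables failed on %s (status %d)" % (builtin, status))
        added.append(builtin)
    return added

class FakeFirewall:
    """Constructed stand-in for iptables: keeps an ordered target list per chain."""
    def __init__(self):
        self.rules = {"INPUT": [], "FORWARD": []}
        self.log = []

    def __call__(self, argv):
        self.log.append(" ".join(argv))
        op, builtin, target = argv[1], argv[2], argv[-1]
        if op == "--check":
            return 0 if target in self.rules[builtin] else 1
        if op == "--insert":
            self.rules[builtin].insert(int(argv[3]) - 1, target)
            return 0
        return 2  # unsupported operation in this stand-in

if __name__ == "__main__":
    fw = FakeFirewall()
    fw.rules["INPUT"] = ["ACCEPT"]   # constructed pre-existing rule
    print(ensure_jumps(CHAIN, fw))   # first run adds both jumps
    print(ensure_jumps(CHAIN, fw))   # second run adds nothing
    print(fw.rules)
    print("\n".join(fw.log))
```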
