Difference between revisions of "Iptables scratchpad"
From thelinuxwiki
(Pushed from thelinuxwiki.com.) |
(→on fedora, run flush, run iptables script and save...) |
(3 intermediate revisions by one user not shown) | |||
Line 1: | Line 1: | ||
dynamically create iptables commands which allow gentoo emerge sync and fetch | dynamically create iptables commands which allow gentoo emerge sync and fetch | ||
− | on gentoo servers | + | on firewall to forward for gentoo servers |
nslookup rsync.gentoo.org | grep -v "#" | grep Address |awk '{ printf "iptables -I FORWARD -p tcp -d " $2 " --dport 873 -j ACCEPT\n"}' | nslookup rsync.gentoo.org | grep -v "#" | grep Address |awk '{ printf "iptables -I FORWARD -p tcp -d " $2 " --dport 873 -j ACCEPT\n"}' | ||
nslookup distfiles.gentoo.org | grep -v "#" | grep Address |awk '{ printf "iptables -I FORWARD -p tcp -d " $2 " --dport 80 -j ACCEPT\n"}' | nslookup distfiles.gentoo.org | grep -v "#" | grep Address |awk '{ printf "iptables -I FORWARD -p tcp -d " $2 " --dport 80 -j ACCEPT\n"}' | ||
− | on firewalls | + | on firewalls, to update / sync the firewalls themselves |
nslookup rsync.gentoo.org | grep -v "#" | grep Address |awk '{ printf "iptables -I OUTPUT -p tcp -d " $2 " --dport 873 -j ACCEPT\n"}' | nslookup rsync.gentoo.org | grep -v "#" | grep Address |awk '{ printf "iptables -I OUTPUT -p tcp -d " $2 " --dport 873 -j ACCEPT\n"}' | ||
nslookup distfiles.gentoo.org | grep -v "#" | grep Address |awk '{ printf "iptables -I OUTPUT -p tcp -d " $2 " --dport 80 -j ACCEPT\n"}' | nslookup distfiles.gentoo.org | grep -v "#" | grep Address |awk '{ printf "iptables -I OUTPUT -p tcp -d " $2 " --dport 80 -j ACCEPT\n"}' | ||
+ | |||
+ | |||
+ | == run flush, run iptables script and save...== | ||
+ | |||
+ | on fedora, | ||
+ | |||
+ | # iptables -F; /root/iptables.scr; iptables-save > /etc/sysconfig/iptables; | ||
+ | |||
+ | on gentoo... | ||
+ | |||
+ | # iptables -f; /usr/local/bin/iptables.scr; /etc/init.d/iptables save | ||
[[category:iptables]] | [[category:iptables]] |
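Review bot: The added gentoo line runs "iptables -f" with a lowercase -f, which is the fragment match option rather than the flush command -F used on the added fedora line, so the existing rules are not flushed before /usr/local/bin/iptables.scr runs; change it to "iptables -F". Both added lines also join the steps with ";", so the save step runs even when the script fails and a partly loaded rule set is written out; chaining the script and the save with "&&" avoids persisting a broken rule set.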
Latest revision as of 07:08, 14 September 2013
Dynamically create iptables commands which allow Gentoo emerge sync and fetch. Each pipeline only prints the iptables commands; it does not run them.
On the firewall, to forward for Gentoo servers:
nslookup rsync.gentoo.org | grep -v "#" | grep Address | awk '{ printf "iptables -I FORWARD -p tcp -d " $2 " --dport 873 -j ACCEPT\n"}'
nslookup distfiles.gentoo.org | grep -v "#" | grep Address | awk '{ printf "iptables -I FORWARD -p tcp -d " $2 " --dport 80 -j ACCEPT\n"}'
On firewalls, to update / sync the firewalls themselves:
nslookup rsync.gentoo.org | grep -v "#" | grep Address | awk '{ printf "iptables -I OUTPUT -p tcp -d " $2 " --dport 873 -j ACCEPT\n"}'
nslookup distfiles.gentoo.org | grep -v "#" | grep Address | awk '{ printf "iptables -I OUTPUT -p tcp -d " $2 " --dport 80 -j ACCEPT\n"}'
run flush, run iptables script and save...
on fedora,
# iptables -F; /root/iptables.scr; iptables-save > /etc/sysconfig/iptables;
on gentoo...
# iptables -F; /usr/local/bin/iptables.scr; /etc/init.d/iptables save