Difference between revisions of "Iptables scratchpad"
From thelinuxwiki
(Pushed from thelinuxwiki.com.) |
(→on fedora, run flush, run iptables script and save...) |
||
| (3 intermediate revisions by one user not shown) | |||
| Line 1: | Line 1: | ||
dynamically create iptables commands which allow gentoo emerge sync and fetch | dynamically create iptables commands which allow gentoo emerge sync and fetch | ||
| − | on gentoo servers | + | on firewall to forward for gentoo servers |
nslookup rsync.gentoo.org | grep -v "#" | grep Address |awk '{ printf "iptables -I FORWARD -p tcp -d " $2 " --dport 873 -j ACCEPT\n"}' | nslookup rsync.gentoo.org | grep -v "#" | grep Address |awk '{ printf "iptables -I FORWARD -p tcp -d " $2 " --dport 873 -j ACCEPT\n"}' | ||
nslookup distfiles.gentoo.org | grep -v "#" | grep Address |awk '{ printf "iptables -I FORWARD -p tcp -d " $2 " --dport 80 -j ACCEPT\n"}' | nslookup distfiles.gentoo.org | grep -v "#" | grep Address |awk '{ printf "iptables -I FORWARD -p tcp -d " $2 " --dport 80 -j ACCEPT\n"}' | ||
| − | on firewalls | + | on firewalls, to update / sync the firewalls themselves |
nslookup rsync.gentoo.org | grep -v "#" | grep Address |awk '{ printf "iptables -I OUTPUT -p tcp -d " $2 " --dport 873 -j ACCEPT\n"}' | nslookup rsync.gentoo.org | grep -v "#" | grep Address |awk '{ printf "iptables -I OUTPUT -p tcp -d " $2 " --dport 873 -j ACCEPT\n"}' | ||
nslookup distfiles.gentoo.org | grep -v "#" | grep Address |awk '{ printf "iptables -I OUTPUT -p tcp -d " $2 " --dport 80 -j ACCEPT\n"}' | nslookup distfiles.gentoo.org | grep -v "#" | grep Address |awk '{ printf "iptables -I OUTPUT -p tcp -d " $2 " --dport 80 -j ACCEPT\n"}' | ||
| + | |||
| + | |||
| + | == run flush, run iptables script and save...== | ||
| + | |||
| + | on fedora, | ||
| + | |||
| + | # iptables -F; /root/iptables.scr; iptables-save > /etc/sysconfig/iptables; | ||
| + | |||
| + | on gentoo... | ||
| + | |||
| + | # iptables -f; /usr/local/bin/iptables.scr; /etc/init.d/iptables save | ||
[[category:iptables]] | [[category:iptables]] | ||
Latest revision as of 07:08, 14 September 2013
dynamically create iptables commands which allow gentoo emerge sync and fetch
on firewall to forward for gentoo servers
nslookup rsync.gentoo.org | grep -v "#" | grep Address |awk '{ printf "iptables -I FORWARD -p tcp -d " $2 " --dport 873 -j ACCEPT\n"}'
nslookup distfiles.gentoo.org | grep -v "#" | grep Address |awk '{ printf "iptables -I FORWARD -p tcp -d " $2 " --dport 80 -j ACCEPT\n"}'
on firewalls, to update / sync the firewalls themselves
nslookup rsync.gentoo.org | grep -v "#" | grep Address |awk '{ printf "iptables -I OUTPUT -p tcp -d " $2 " --dport 873 -j ACCEPT\n"}'
nslookup distfiles.gentoo.org | grep -v "#" | grep Address |awk '{ printf "iptables -I OUTPUT -p tcp -d " $2 " --dport 80 -j ACCEPT\n"}'
run flush, run iptables script and save...
on fedora,
# iptables -F; /root/iptables.scr; iptables-save > /etc/sysconfig/iptables;
on gentoo...
# iptables -f; /usr/local/bin/iptables.scr; /etc/init.d/iptables save
