Ipfire Firewall: Difference between revisions
| Zeile 2: | Zeile 2: | ||
*zunächst per ssh einloggen | *zunächst per ssh einloggen | ||
**ssh root@<IP oder FQDN> -p 222 | **ssh root@<IP oder FQDN> -p 222 | ||
| − | * | + | *vi /etc/sysconfig/firewall.local |
| + | **In der unten zu sehenden Datei wie von [[IPTables - from scratch|iptables]] gewohnt die Firewall-Regeln eintragen | ||
| + | <pre> | ||
| + | #!/bin/sh | ||
| + | # Used for private firewall rules | ||
| + | |||
| + | # See how we were called. | ||
| + | case "$1" in | ||
| + | start) | ||
| + | ## add your 'start' rules here | ||
| + | iptables -t nat -I NAT_SOURCE -j SNAT -s 10.83.30.0/24 -d 10.83.36.0/24 --to-source 10.1.1.30 | ||
| + | iptables -I FORWARD -j ACCEPT -d 10.83.36.0/24 | ||
| + | ;; | ||
| + | stop) | ||
| + | ## add your 'stop' rules here | ||
| + | iptables -t nat -D NAT_SOURCE -j SNAT -s 10.83.30.0/24 -d 10.83.36.0/24 --to-source 10.1.1.30 | ||
| + | iptables -D FORWARD -j ACCEPT -d 10.83.36.0/24 | ||
| + | ;; | ||
| + | reload) | ||
| + | $0 stop | ||
| + | $0 start | ||
| + | ## add your 'reload' rules here | ||
| + | ;; | ||
| + | *) | ||
| + | </pre> | ||
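Review bot: the FORWARD rule in the start) branch (iptables -I FORWARD -j ACCEPT -d 10.83.36.0/24) accepts every forwarded packet destined for 10.83.36.0/24, whatever its source or inbound interface, while the SNAT rule above it is limited to -s 10.83.30.0/24. Consider adding the same -s 10.83.30.0/24 match to the FORWARD rule and to its -D counterpart in stop), so the two stay identical and the delete still finds the rule. The pasted script also ends at the *) branch with no body and no closing esac, so the file as shown would not parse if copied verbatim; the listing should include the rest of the case statement.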
Revision as of 7 July 2017, 06:43
Creating firewall rules via the console
- first log in via ssh
  - ssh root@<IP or FQDN> -p 222
- vi /etc/sysconfig/firewall.local
  - In the file shown below, enter the firewall rules as you are used to from iptables
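<pre>
#!/bin/sh
# Used for private firewall rules

# See how we were called.
case "$1" in
  start)
        ## add your 'start' rules here
        # Source-NAT traffic from 10.83.30.0/24 to 10.83.36.0/24 so it leaves as 10.1.1.30
        iptables -t nat -I NAT_SOURCE -j SNAT -s 10.83.30.0/24 -d 10.83.36.0/24 --to-source 10.1.1.30
        # Allow forwarding of traffic destined for 10.83.36.0/24
        iptables -I FORWARD -j ACCEPT -d 10.83.36.0/24
        ;;
  stop)
        ## add your 'stop' rules here
        # Delete exactly the rules that 'start' inserted
        iptables -t nat -D NAT_SOURCE -j SNAT -s 10.83.30.0/24 -d 10.83.36.0/24 --to-source 10.1.1.30
        iptables -D FORWARD -j ACCEPT -d 10.83.36.0/24
        ;;
  reload)
        $0 stop
        $0 start
        ## add your 'reload' rules here
        ;;
  *)
        # Any other argument: print usage
        echo "Usage: $0 {start|stop|reload}"
        ;;
esac
</pre>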
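The start) and stop) branches above only work if every inserted rule has an identical delete; otherwise rules pile up or linger after a reload. The following added example (not part of the original wiki page) lints a firewall.local-style script for start) rules that have no matching -D in stop). The sample input is constructed from the page's rules plus one extra 10.83.37.0/24 rule that is assumed here for illustration.

```shell
#!/bin/sh
# Added example: check start)/stop) symmetry in a firewall.local-style script.

# Constructed sample: the page's two rules plus one rule (10.83.37.0/24)
# that is deliberately missing from stop).
sample_script() {
cat <<'EOF'
case "$1" in
  start)
    iptables -t nat -I NAT_SOURCE -j SNAT -s 10.83.30.0/24 -d 10.83.36.0/24 --to-source 10.1.1.30
    iptables -I FORWARD -j ACCEPT -d 10.83.36.0/24
    iptables -I FORWARD -j ACCEPT -d 10.83.37.0/24
    ;;
  stop)
    iptables -t nat -D NAT_SOURCE -j SNAT -s 10.83.30.0/24 -d 10.83.36.0/24 --to-source 10.1.1.30
    iptables -D FORWARD -j ACCEPT -d 10.83.36.0/24
    ;;
esac
EOF
}

# Reads a script on stdin and prints each start) rule whose -I/-A command
# has no textually identical -D counterpart in stop).
# Limitation: rules inserted with an explicit position (-I CHAIN 1 ...) are
# reported, because their -D form is written without the position.
unmatched_rules() {
  awk '
    /^[ \t]*start\)/ { sect = "start"; next }
    /^[ \t]*stop\)/  { sect = "stop";  next }
    /^[ \t]*;;/      { sect = "";      next }
    /^[ \t]*iptables / {
      line = $0
      sub(/^[ \t]+/, "", line)
      key = line
      if (sect == "start" && sub(/ -[IA] /, " -X ", key)) {
        added[key] = line; order[++n] = key
      } else if (sect == "stop" && sub(/ -D /, " -X ", key)) {
        removed[key] = 1
      }
    }
    END {
      for (i = 1; i <= n; i++)
        if (!(order[i] in removed)) print added[order[i]]
    }
  '
}

# Lint the constructed sample; prints the one rule that stop) never deletes.
sample_script | unmatched_rules
```

To lint the real file, run `unmatched_rules < /etc/sysconfig/firewall.local`.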