Ipfire Firewall: Difference between revisions
Zeile 2: | Zeile 2: | ||
*zunächst per ssh einloggen | *zunächst per ssh einloggen | ||
**ssh root@<IP oder FQDN> -p 222 | **ssh root@<IP oder FQDN> -p 222 | ||
− | * | + | *vi /etc/sysconfig/firewall.local |
+ | **In der unten zu sehenden Datei wie von [[IPTables - from scratch|iptables]] gewohnt die Firewall-Regeln eintragen | ||
+ | <pre> | ||
+ | #!/bin/sh | ||
+ | # Used for private firewall rules | ||
+ | |||
+ | # See how we were called. | ||
+ | case "$1" in | ||
+ | start) | ||
+ | ## add your 'start' rules here | ||
+ | iptables -t nat -I NAT_SOURCE -j SNAT -s 10.83.30.0/24 -d 10.83.36.0/24 --to-source 10.1.1.30 | ||
+ | iptables -I FORWARD -j ACCEPT -d 10.83.36.0/24 | ||
+ | ;; | ||
+ | stop) | ||
+ | ## add your 'stop' rules here | ||
+ | iptables -t nat -D NAT_SOURCE -j SNAT -s 10.83.30.0/24 -d 10.83.36.0/24 --to-source 10.1.1.30 | ||
+ | iptables -D FORWARD -j ACCEPT -d 10.83.36.0/24 | ||
+ | ;; | ||
+ | reload) | ||
+ | $0 stop | ||
+ | $0 start | ||
+ | ## add your 'reload' rules here | ||
+ | ;; | ||
+ | *) | ||
+ | </pre> |
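Review bot: the added `iptables -I FORWARD -j ACCEPT -d 10.83.36.0/24` line in the start branch has no `-s` or interface match, so it is inserted at the top of FORWARD and accepts forwarded traffic from any source to 10.83.36.0/24, while the SNAT rule directly above it is limited to `-s 10.83.30.0/24`. If only that subnet is meant to reach the destination, add `-s 10.83.30.0/24` to both this `-I` line and the matching `-D` line in the stop branch. The added `<pre>` block also ends at `*)` with no usage message, `;;` or `esac`, so the file as shown is not a complete script, and because start uses a plain `-I`, running start twice without stop leaves duplicate rules.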
Revision as of 7 July 2017, 06:43
Creating firewall rules via the console
- First log in via ssh
  - ssh root@<IP or FQDN> -p 222
- vi /etc/sysconfig/firewall.local
  - In the file shown below, enter the firewall rules in the usual iptables manner
<pre>
#!/bin/sh
# Used for private firewall rules

# See how we were called.
case "$1" in
  start)
    ## add your 'start' rules here
    iptables -t nat -I NAT_SOURCE -j SNAT -s 10.83.30.0/24 -d 10.83.36.0/24 --to-source 10.1.1.30
    iptables -I FORWARD -j ACCEPT -d 10.83.36.0/24
    ;;
  stop)
    ## add your 'stop' rules here
    iptables -t nat -D NAT_SOURCE -j SNAT -s 10.83.30.0/24 -d 10.83.36.0/24 --to-source 10.1.1.30
    iptables -D FORWARD -j ACCEPT -d 10.83.36.0/24
    ;;
  reload)
    $0 stop
    $0 start
    ## add your 'reload' rules here
    ;;
  *)
    echo "Usage: $0 {start|stop|reload}"
    ;;
esac
</pre>
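A variant of the firewall.local file above that can be started or stopped repeatedly without duplicating rules or failing on missing ones, as an added example that is not part of the original wiki page. The helper names `add_rule`, `del_rule` and `rules` and the `IPT` variable are hypothetical, and limiting the FORWARD rule to source 10.83.30.0/24 is an assumption taken from the SNAT rule.

```shell
#!/bin/sh
# Added example: idempotent variant of /etc/sysconfig/firewall.local.
# IPT, add_rule, del_rule and rules are hypothetical names, not IPFire's own.
IPT="${IPT:-iptables}"

# Insert a rule at the top of a chain only if it is not already present.
add_rule() {
    table=$1; chain=$2; shift 2
    $IPT -t "$table" -C "$chain" "$@" 2>/dev/null ||
        $IPT -t "$table" -I "$chain" "$@"
}

# Delete every copy of a rule; succeeds even when the rule is absent.
del_rule() {
    table=$1; chain=$2; shift 2
    while $IPT -t "$table" -C "$chain" "$@" 2>/dev/null; do
        $IPT -t "$table" -D "$chain" "$@"
    done
}

# Single rule list shared by start and stop, so the two cannot drift apart.
# $1 is add_rule or del_rule.
rules() {
    "$1" nat NAT_SOURCE -s 10.83.30.0/24 -d 10.83.36.0/24 \
        -j SNAT --to-source 10.1.1.30
    # Assumption: only 10.83.30.0/24 should be forwarded to 10.83.36.0/24,
    # so the ACCEPT rule carries the same -s match as the SNAT rule.
    "$1" filter FORWARD -s 10.83.30.0/24 -d 10.83.36.0/24 -j ACCEPT
}

case "${1:-}" in
  start)  rules add_rule ;;
  stop)   rules del_rule ;;
  reload) rules del_rule; rules add_rule ;;
  *)      echo "Usage: $0 {start|stop|reload}" ;;
esac
```

After a start, `iptables -S FORWARD` and `iptables -t nat -S NAT_SOURCE` should each list the rule exactly once.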