A few questions about scripting for Iptables.
Ok, so I would like to start scripting and I would
really like my script to be like Valerio's (OBC)
script but there are a few things I don't understand
and I was wondering if someone can help me out.
Here's what I am talking about:
# ip for the external interface (assuming EXT_IF is
EXT_IP=`ifconfig $EXT_IF | grep "addr:" | cut -d: -f 2
| cut -d\ -f1`
???? What is stored in EXT_IP? why the single '' ? Is
there a declaration of EXT_IP somewhere?
# set the network address
???? What is taking place here? What significance
does '/' have?
#setup the logging chain
$FW -N LOGDROP 2>/dev/null
???? I see that a new chain is built but I am not sure
???? Now the following code looks really cool, I think
it is building a command line interface, yes? Why is
"Flushing firewall and setting default policies to
DROP" commented out, does this not need to be done if
the tables are cleared? How about the case "$1"? I
would like to know how that works.
# See how we were called.
case "$1" in
echo -e "\nFlushing firewall and setting default
#echo -e "\nFlushing firewall and setting default
#$IPTABLES -P INPUT DROP
#$IPTABLES -F INPUT
#$IPTABLES -P OUTPUT DROP
#$IPTABLES -F OUTPUT
#$IPTABLES -P FORWARD DROP
#$IPTABLES -F FORWARD
#$IPTABLES -F -t nat
# Delete all User-specified chains
# Reset all IPTABLES counters
echo "Usage: ocb_networking
???? what is this "esac"?
I know these questions are probably really simple but
the only script I intend to work on is for Iptables
and no other mail lists will know anything about that,
tell me to ask here I bet... :(.
Do you Yahoo!?
Yahoo! Domains ? Claim yours for only $14.70/year