
Re: give multible ports a/o ips to iptables [fixed: problems with firehol...]



On 12 Sep 2004, Mike Mestnik wrote:
> --- Jonas Meurer <jonas@freesources.org> wrote:

[...]

>> the problem is, that 210,215,etc don't have standard services, so i'm
>> not able to open them as services in firehol.conf.
>>
> /etc/service?  This file lists the service names, I bet firehol will
> accept both names and numbers.

No, firehol has an internal concept of "services", which are related to
but not the same as entries in /etc/services.

Adding a new service is trivial, however:

    SERVER_<NAME>_PORTS="<proto>/<port>"
    CLIENT_<NAME>_PORTS="default"

Substitute the '<NAME>', etc sections for relevant values for your newly
defined service.  Also, you can have port numbers or ranges for the
client ports, or the server ports.

For more complex protocols there is a correspondingly more complex way
to specify them to Firehol;  consulting the source for that would help.

The OP seems quite resistant to either talking to the upstream authors
or reading the documentation supplied with Firehol, however, which is
still encouraging this thread to become more full of things that are
simply and clearly documented if he spent ten minutes reading...

       Daniel
-- 
Drones behold the life that was given. Be aware of the choices within your
grasp. Oppose the temptress who leaves you dry. Redeem what was lost.
        -- Covenant, _Storm_


