[ale] Easy way to add and delete iptables rules
Chris Fowler
cfowler at outpostsentinel.com
Thu Aug 25 21:48:04 EDT 2016
I'm trying to figure out the best way to add and remove iptables rules as required.
I use this to block a laptop due to bad test scores :)
IP=192.168.1.153
#iptables -P FORWARD DROP
iptables -I FORWARD -s 0/0 -d ${IP} -j DROP
iptables -I FORWARD -s ${IP} -d 0/0 -j DROP
# Squid
iptables -A INPUT -i eth0 -p tcp -m tcp --dport 3128 -s ${IP}/32 -j REJECT
iptables -A INPUT -i eth0 -p udp -m udp --dport 3128 -s ${IP}/32 -j REJECT
First two stop routing. Second blocks squid access.
Normally I'll just do an iptables-restore, but I'm running fail2ban and miniupnpd. The restore blows away their rules.
Do I create a custom chain for INPUT and FORWARD and simply delete rules in that? Using MQTT this will become push button and the wife will simply push a button on and then off.
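
The custom-chain approach asked about above, sketched as an added example that is not part of the original post: the block rules live in two dedicated chains that are flushed on "off", so nothing owned by fail2ban or miniupnpd is touched. The chain names BLOCK_FWD and BLOCK_IN and the IPT override variable are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: keep the laptop block in two dedicated chains so it can be
# switched on and off without iptables-restore. Chain names are hypothetical.
IPT="${IPT:-iptables}"        # override to stub or dry-run the commands
IP="${IP:-192.168.1.153}"     # laptop address from the post
FWD_CHAIN=BLOCK_FWD
IN_CHAIN=BLOCK_IN

# hook PARENT CHILD: create CHILD if missing, then jump to it from the head
# of PARENT unless that jump already exists (-C checks for the rule).
hook() {
    $IPT -N "$2" 2>/dev/null || true
    $IPT -C "$1" -j "$2" 2>/dev/null || $IPT -I "$1" 1 -j "$2"
}

# Run once (for example at boot); safe to run again.
block_setup() {
    hook FORWARD "$FWD_CHAIN"
    hook INPUT "$IN_CHAIN"
}

# Flushing only these chains leaves every other chain and rule as it was.
block_off() {
    $IPT -F "$FWD_CHAIN"
    $IPT -F "$IN_CHAIN"
}

block_on() {
    block_off    # start empty so a repeated "on" does not stack duplicates
    # Stop routing to and from the laptop.
    $IPT -A "$FWD_CHAIN" -d "$IP" -j DROP
    $IPT -A "$FWD_CHAIN" -s "$IP" -j DROP
    # Squid
    $IPT -A "$IN_CHAIN" -i eth0 -p tcp -m tcp --dport 3128 -s "$IP" -j REJECT
    $IPT -A "$IN_CHAIN" -i eth0 -p udp -m udp --dport 3128 -s "$IP" -j REJECT
}

# Push-button entry point: "on" or "off" as the first argument.
case "${1:-}" in
    on)  block_setup; block_on ;;
    off) block_off ;;
esac
```

With no argument the script only defines the functions, so it can also be sourced by whatever handles the MQTT message.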