[ale] Easy way to add and delete iptables rules

Chris Fowler cfowler at outpostsentinel.com
Thu Aug 25 21:48:04 EDT 2016


I'm trying to figure out the best way to add and remove iptables rules as required. 

I use this to block a laptop due to bad test scores :) 


IP=192.168.1.153 
#iptables -P FORWARD DROP 
iptables -I FORWARD -s 0/0 -d ${IP} -j DROP 
iptables -I FORWARD -s ${IP} -d 0/0 -j DROP 
# Squid 
iptables -A INPUT -i eth0 -p tcp -m tcp --dport 3128 -s ${IP}/32 -j REJECT 
iptables -A INPUT -i eth0 -p udp -m udp --dport 3128 -s ${IP}/32 -j REJECT 

First two stop routing. Second blocks squid access. 

Normally I'll just do an iptables-restore, but I'm running fail2ban and miniupnpd. The restore blows away their rules. 

Do I create a custom chain for INPUT and FORWARD and simply delete rules in that? Using MQTT this will become push button and the wife will simply push a button on and then off. 
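
The custom-chain approach asked about above, as an added example that is not part of the original message: the block lives in two dedicated chains that are flushed on "off", so the rules owned by fail2ban and miniupnpd are never touched. The chain names LAPTOP_IN and LAPTOP_FWD, the function names, and the on/off calling convention for the MQTT handler are assumptions.

```shell
#!/bin/sh
# Added example: dedicated chains for the laptop block. Chain names are hypothetical.
CH_IN=LAPTOP_IN
CH_FWD=LAPTOP_FWD

# -w waits for the xtables lock so we do not race fail2ban or miniupnpd.
ipt() { iptables -w "$@"; }

# Accept only a dotted-quad IPv4 address; the value may arrive from an MQTT handler.
valid_ip() {
    case "$1" in
        ''|*[!0-9.]*|*..*|.*|*.) return 1 ;;
    esac
    old_ifs=$IFS; IFS=.; set -- $1; IFS=$old_ifs
    [ $# -eq 4 ] || return 1
    for o in "$@"; do
        [ "${#o}" -le 3 ] && [ "$o" -le 255 ] || return 1
    done
}

# Create the chains and hook them at the top of INPUT/FORWARD if not already hooked.
block_init() {
    ipt -N "$CH_IN"  2>/dev/null || true
    ipt -N "$CH_FWD" 2>/dev/null || true
    ipt -C INPUT   -j "$CH_IN"  2>/dev/null || ipt -I INPUT   1 -j "$CH_IN"
    ipt -C FORWARD -j "$CH_FWD" 2>/dev/null || ipt -I FORWARD 1 -j "$CH_FWD"
}

# "Off": empty only our chains; every other rule is left alone.
block_off() {
    block_init && ipt -F "$CH_IN" && ipt -F "$CH_FWD"
}

# "On": start from empty chains so repeated presses never stack duplicates.
block_on() {
    valid_ip "$1" || { echo "bad address: $1" >&2; return 2; }
    block_off || return 1
    ipt -A "$CH_FWD" -d "$1" -j DROP
    ipt -A "$CH_FWD" -s "$1" -j DROP
    # Squid
    ipt -A "$CH_IN" -i eth0 -p tcp --dport 3128 -s "$1" -j REJECT
    ipt -A "$CH_IN" -i eth0 -p udp --dport 3128 -s "$1" -j REJECT
}

case "${1:-}" in
    on)  block_on "${2:-}" ;;
    off) block_off ;;
esac
```

Run as root with `on 192.168.1.153` or `off`. Because the chains are hooked at position 1, the Squid REJECT rules are evaluated before any earlier ACCEPT in INPUT, unlike the appended (`-A INPUT`) rules in the message.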

