[ale] Easy way to add and delete iptables rules

Jim Kinney jim.kinney at gmail.com
Fri Aug 26 10:03:59 EDT 2016


I found it easier to have a script per brat, er, um, child, I could run
that flat killed their internet access. I used static assigned dhcp and had
a table per child that normally did nothing. Running the block script added
a DROP to that table.

At one point I could ruin their life with a special email to a special
address. It sucks having a parent whose job is sysadmin.

:-)

On Aug 26, 2016 9:58 AM, "Chris Fowler" <cfowler at outpostsentinel.com> wrote:

>
>
> ------------------------------
>
> *From: *"Lightner, Jeffrey" <JLightner at dsservices.com>
> *To: *"Atlanta Linux Enthusiasts" <ale at ale.org>
> *Sent: *Friday, August 26, 2016 8:58:02 AM
> *Subject: *Re: [ale] Easy way to add and delete iptables rules
>
> Also the iptables-restore suggests you're editing your iptables file then
> using the restore to update memory.
>
> I only do this at boot.
> fail2ban and miniupnpd have active rules when the firewall is running.
>
>
>
> Instead you can use "iptables -I" to insert rules in your iptables in
> memory then use iptables-save to save to the file so you get the new rules
> on next restore.
>
>
> This would be a problem because that would restore nat rules at boot
> created by UPnP that are no longer valid.  Maybe miniupnpd would see it and
> delete it.  Not sure.
>
>
> You can use "iptables -nL --line-numbers" to see existing rules and the
> lines they're on then specify the line number you wish to insert into with
> the -I flag.
>
>
> Yes, that I can do. List them, grok them, build a command, and execute it.
>
> My hope was that I can simply create a table for each kid and just add and
> delete with ease.  If I need to list line numbers, parse it out, and do it
> that way I can do that too.  I hesitate because I'm not sure that way is
> the "best practice".
>
>
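The per-child arrangement described in the first message, sketched as an added example (not code from anyone in the thread): one user-defined chain per child, which the thread calls a table, that stays empty until a block script puts a single DROP in it. The chain names, the two addresses and the use of the FORWARD chain are assumptions; nothing here needs line numbers or iptables-save, so rules owned by fail2ban or miniupnpd are left alone.

```shell
#!/bin/sh
# Per-child chain: normally empty (traffic falls through), one DROP when blocked.
# Assumed, not from the thread: chain names KID_<NAME>, the addresses below
# (constructed static DHCP leases), and a router that filters in FORWARD.

kid_ip() {                        # child name -> static DHCP address
    case "$1" in
        alice) echo 192.168.1.50 ;;
        bob)   echo 192.168.1.51 ;;
        *)     echo "unknown child: $1" >&2; return 1 ;;
    esac
}

kid_chain() { echo "KID_$1" | tr '[:lower:]' '[:upper:]'; }

kid_setup() {                     # run once at boot, after iptables-restore
    ip=$(kid_ip "$1") || return 1
    chain=$(kid_chain "$1")
    iptables -N "$chain" 2>/dev/null || true    # keep the chain if it exists
    # -C tests for the jump first, so repeated runs do not stack duplicates
    iptables -C FORWARD -s "$ip" -j "$chain" 2>/dev/null ||
        iptables -I FORWARD 1 -s "$ip" -j "$chain"
}

kid_block() {                     # flush first: the chain never holds two DROPs
    chain=$(kid_chain "$1")
    iptables -F "$chain" && iptables -A "$chain" -j DROP
}

kid_unblock() {                   # back to an empty chain, nothing to parse
    iptables -F "$(kid_chain "$1")"
}

kid_status() {
    if iptables -C "$(kid_chain "$1")" -j DROP 2>/dev/null; then
        echo blocked
    else
        echo open
    fi
}

# Command-line use: ./kidfw.sh setup|block|unblock|status <child>
if [ $# -eq 2 ]; then
    case "$1" in
        setup|block|unblock|status) "kid_$1" "$2" ;;
        *) echo "usage: $0 setup|block|unblock|status <child>" >&2; exit 2 ;;
    esac
fi
```

The jump in FORWARD matches only the child's source address, so a blocked child can still reach the router itself (DHCP, DNS on the box) unless a matching jump is added to INPUT.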

