Saving the iptables configuration on Slackware 12

July 15, 2009 at 5:21 am

I don't know why this post is still in my drafts, dated 2008. Pretty old, huh? Maybe I forgot to post it.

So now let the world see.

Maintaining things with cron, crontab and iptables-save

Some have suggested that sshblack should fully maintain the iptables configuration it works with, including saving, checking and restoring chains and rules. I have chosen not to do this for several reasons which are beyond the scope of this section. However, here are some pointers that allow you to do these kinds of operations yourself.

If you’d like to manage sshblack like any other background process, see The Configuration Page for some user-supplied information on managing sshblack with things like chkconfig. There is even an init script.

Actually, starting sshblack after a reboot can be as simple as placing the full path and file name in your /etc/rc.d/rc.local file (or whatever directory/file your OS uses for custom start-up scripts). This will start sshblack very quickly after your machine boots.

Saving the iptables configuration can be important because if the custom chain sshblack uses is not restored after a reboot, obviously sshblack won’t be able to add/delete rules for a non-existent chain. If your machine supports it, saving and restoring iptables configs can be done easily using iptables-save and iptables-restore.

Execution of the iptables-save command can be done in the root crontab or it can be placed in the /etc/cron.daily directory. You can of course do this save every hour if you like by placing the shell file in the /etc/cron.hourly directory. Here is an example of an iptables-save script:

#!/bin/sh

# Save iptables configuration to /etc/sysconfig/iptables.1
/sbin/iptables-save -c > /etc/sysconfig/iptables.1

If you’d like to use crontab to do this same thing you can execute the following command:

[root@stinky root]# crontab -e

You will then see your crontab configuration (likely opened in vi). Simply place the following command into your crontab file and save it:

MAILTO="root"

25 * * * * /sbin/iptables-save -c > /etc/sysconfig/iptables.1

Now, how do we pull this information back into iptables in the event of a reboot? Simple, just go back to your /etc/rc.d/rc.local and add in the iptables-restore command [Be sure to place this line BEFORE the line that starts sshblack in your rc.local file]. This will pull that saved information back into iptables.

/sbin/iptables-restore -c < /etc/sysconfig/iptables.1

Note that iptables-restore will not only restore the rules that sshblack has added, it will restore any custom chains also.
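
The cron examples above redirect iptables-save straight into the file that rc.local later restores, so a failed or incomplete save replaces the last good copy. As an added example (not from the sshblack notes), this script writes to a temporary file and replaces the saved copy only if the dump is complete and still declares the custom chain. The chain name BLACKLIST and the SAVE_CMD override are assumptions; set CHAIN to the chain your sshblack configuration uses.

```shell
#!/bin/sh
# Added example, not part of the sshblack notes.
# CHAIN is an assumed name: set it to the custom chain sshblack manages.
CHAIN="${CHAIN:-BLACKLIST}"
DEST="${DEST:-/etc/sysconfig/iptables.1}"
SAVE_CMD="${SAVE_CMD:-/sbin/iptables-save -c}"

# Succeed only if FILE is a complete iptables-save dump that declares CHAIN.
snapshot_ok() {
    file=$1
    chain=$2
    [ -s "$file" ] || return 1                  # empty: the save command failed
    grep -q '^COMMIT$' "$file" || return 1      # no COMMIT line: truncated dump
    grep -q "^:$chain " "$file" || return 1     # custom chain not declared
}

# Dump the live rules to a temp file beside DEST, validate, then rename.
# The rename stays on one filesystem, so DEST is never half-written.
save_rules() {
    tmp=$(mktemp "$DEST.XXXXXX") || return 1
    if $SAVE_CMD > "$tmp" && snapshot_ok "$tmp" "$CHAIN"; then
        chmod 600 "$tmp" && mv -f "$tmp" "$DEST"
    else
        rm -f "$tmp"
        echo "iptables snapshot rejected; keeping existing $DEST" >&2
        return 1
    fi
}

# Run the save only when asked, e.g. from cron: this-script --save
case "${1:-}" in
    --save) save_rules ;;
esac
```

With MAILTO set in the crontab, the rejection message on stderr reaches root by mail, so a missing chain is noticed before the next reboot.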

Read more at http://www.pettingers.org/code/sshblack-notes.html
