|
This adds no fancy features or new syntax or anything, but merely helps
to manage a *.d directory for iptables scripts.
You simply write simple shell scripts where you issue your iptables calls
and place them in /opt/openslx/iptables/rules.d
On bootup, and whenever the contents of the directory change, all tables
will be reset and the scripts from rules.d are run. They're run in
alphabetical order, so it's wise to adhere to the XX-* naming scheme.
Also you can place any kind of script there doing really complicated
things, it's advised you keep them as simple as possible and use proper
names, that tell what the script does.
The default behaviour is set to ACCEPT on all tables/chains, but nothing
stops you from doing 'iptables -P' in one of the scripts.
|