Diffstat (limited to 'core/network.html')
-rw-r--r-- | core/network.html | 42 |
1 files changed, 20 insertions, 22 deletions
diff --git a/core/network.html b/core/network.html index 57f877a..9aa5921 100644 --- a/core/network.html +++ b/core/network.html @@ -13,10 +13,10 @@ <dl> <dt><a href="conf/rc.d/iptables">/etc/rc.d/iptables</a></dt> - <dd>Configure iptables, start option loads set of rules from - file /etc/iptables/rules_file_name, open option allows everything - to outside and blocks everything from outside, stop will block - and log everything.</dd> + <dd>Configure <a href="#iptables">iptables</a>, start option + loads set of rules from file /etc/iptables/name.v4, open option + allows everything to outside and blocks everything from outside, + stop will block and log everything.</dd> <dt><a href="conf/rc.d/net">/etc/rc.d/net</a></dt> <dd>Configure Ethernet interface with static or dynamic (dhcp) IP, set default route and add default gateway.</dd> 
@@ -116,47 +116,45 @@ <p>For more information about iptables read <a href="https://wiki.archlinux.org/index.php/Iptables">arch wiki</a>. - Iptables can be setup at startup with - <a href="conf/rc.d/iptables">/etc/rc.d/iptables</a> script, change - <a href="conf/iptables/iptables.sh">/etc/iptables/iptables.sh</a> - with your needs and run to apply, after iptables-save can be used - to create /etc/iptables/rules.v4 file that is used by init script.</p> + Iptables can be setup at boot with + <a href="conf/rc.d/iptables">/etc/rc.d/iptables</a> init script, change + <a href="scripts/iptables.sh">iptables.sh</a> with your needs and run + to save rules in <a href="conf/iptables/net.v4">/etc/iptables/net.v4</a> + file.</p> <p>Init script "start" option loads set of rules from file /etc/iptables/rules.v4, "open" option allows everything to outside and blocks everything from outside, "stop" will block and log everything.</p> + <p>Setup init script and rules ;</p> + <pre> # mkdir /etc/iptables - # cp c9-doc/core/conf/iptables/rules.v4 /etc/iptables/ - # cp c9-doc/core/conf/rc.d/iptables /etc/rc.d/ + # cp core/conf/iptables/net.v4 /etc/iptables/ + # cp core/conf/rc.d/iptables /etc/rc.d/ # chmod +x /etc/rc.d/iptables </pre> - <p>Adjust rules.v4 to your needs, then;</p> + <p>Change /etc/rc.conf and add iptables;</p> <pre> - # sh /etc/rc.d/iptables start + SERVICES=(iptables lo net crond) </pre> - <p>See current rules and packets;</p> + <p>Adjust <a href="scripts/iptables.sh">iptables.sh</a> with + your network configuration then run it;</p> <pre> - # iptables -L -n -v | less + # bash core/scripts/iptables.sh </pre> - <p>Copy init script, edit if you dont like to - let drop when you call stop.</p> - - <p>Re-configure your rc.conf and add iptables before (w)lan is up;</p> + <p>See current rules and packets;</p> <pre> - SERVICES=(lo iptables net crond) + # iptables -L -n -v | less </pre> - <p> - <h2 id="wpa">2.3.4. Wpa and dhcpd</h2> <p>There is more information on |
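Review bot: In the first hunk (@@ -13,10 +13,10 @@), the new <dd> for /etc/rc.d/iptables gives the rules file as /etc/iptables/name.v4, while the second hunk copies and links /etc/iptables/net.v4, so a reader cannot tell whether "name" is a placeholder or a literal file name. Either write net.v4 here to match, or mark the placeholder explicitly, as the old "rules_file_name" wording did more obviously. The new link to #iptables also relies on an element with id="iptables" that is not visible in this diff; please confirm it exists in the page.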
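Review bot: In the second hunk (@@ -116,47 +116,45 @@), the unchanged paragraph 'Init script "start" option loads set of rules from file /etc/iptables/rules.v4' still names rules.v4 although this change switches the copy step and the link to net.v4; update that paragraph so the documented path is the file that actually gets installed. The removed sentence "add iptables before (w)lan is up" was the only statement of why iptables must precede net in SERVICES, and the new "Change /etc/rc.conf and add iptables;" drops it; keep the ordering requirement in the text so a reader does not append iptables after net and bring the interface up before the rules are loaded. Minor: "Setup init script and rules ;" has a stray space before the semicolon.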