2,411
edits
Changes
Jump to navigation
Jump to search
mLine 473:
Line 473: − + + + + + + Line 481:
Line 486: + + − + − The first line creates a custom-named service definition in the configuration database.+ − The succeeding lines can be used to apply your desired firewall restrictions to any existing SME 'service' − or to a custom-named service that you have created. − Combine a custom-named service with port-forwarding to create customized firewall rules.
Reformatted instructions on iptables to improve readability
''httpd-admin - sshd - smtpd - ssmtpd''
''httpd-admin - sshd - smtpd - ssmtpd''
}}
}}
=====''Additional information on customizing iptables''=====
=====Additional information on customizing iptables=====
Create a custom-named service definition in the configuration database.
db configuration set <servicename> service
db configuration set <servicename> service
Apply your desired firewall restrictions to any existing SME 'service' or to a custom-named service that you have created. Combine a custom-named service with port-forwarding to create customized firewall rules.
db configuration setprop <servicename> TCPPort <portnumber>
db configuration setprop <servicename> TCPPort <portnumber>
db configuration setprop <servicename> UDPPort <portnumber>
db configuration setprop <servicename> UDPPort <portnumber>
db configuration setprop <servicename> AllowHosts a.b.c.d,x.y.z.0/24
db configuration setprop <servicename> AllowHosts a.b.c.d,x.y.z.0/24
db configuration setprop <servicename> DenyHosts e.f.g.h,l.m.n.0/24
db configuration setprop <servicename> DenyHosts e.f.g.h,l.m.n.0/24
Effectuate the changes you have made
signal-event remoteaccess-update
signal-event remoteaccess-update
{| width="100%" border="1" cellpadding="5" cellspacing="0"
{| width="100%" border="1" cellpadding="5" cellspacing="0"
|+Affected file: /etc/rc.d/init.d/masq
|+Affected file: /etc/rc.d/init.d/masq