Hi,
I''m trying to add following iptables rules to shorewall:
iptables -I INPUT -d 192.168.1.1
iptables -I OUTPUT -s 192.168.1.1
What should I put in my custom action or any ware else?
I need these rules for munin accounting.
iptables -L INPUT -v -n -x
Chain INPUT (policy DROP 5 packets, 260 bytes)
pkts bytes target prot opt in out source
destination
7175 601167 all -- * * 0.0.0.0/0
192.168.1.1
regards brumela
-------------------------------------------------------------------------
This SF.net email is sponsored by DB2 Express
Download DB2 Express C - the FREE version of DB2 express and take
control of your XML. No limits. Just data. Click to get it now.
http://sourceforge.net/powerbar/db2/
bruma wrote:> Hi, > > I''m trying to add following iptables rules to shorewall: > > iptables -I INPUT -d 192.168.1.1 > iptables -I OUTPUT -s 192.168.1.1 > > What should I put in my custom action or any ware else? > > I need these rules for munin accounting. > iptables -L INPUT -v -n -x > Chain INPUT (policy DROP 5 packets, 260 bytes) > pkts bytes target prot opt in out source > destination > 7175 601167 all -- * * 0.0.0.0/0 > 192.168.1.1 >Just place the commands in /etc/shorewall/start, replacing ''iptables'' with ''run_iptables''. Munin needs a better iptables plugin -- having INPUT and OUTPUT hardcoded in the current plugin is really bogus. -Tom -- Tom Eastep \ Nothing is foolproof to a sufficiently talented fool Shoreline, \ http://shorewall.net Washington USA \ teastep@shorewall.net PGP Public Key \ https://lists.shorewall.net/teastep.pgp.key ------------------------------------------------------------------------- This SF.net email is sponsored by DB2 Express Download DB2 Express C - the FREE version of DB2 express and take control of your XML. No limits. Just data. Click to get it now. http://sourceforge.net/powerbar/db2/
2007/6/27, Tom Eastep <teastep@shorewall.net>:> > Just place the commands in /etc/shorewall/start, replacing ''iptables'' with > ''run_iptables''. > > Munin needs a better iptables plugin -- having INPUT and OUTPUT hardcoded in > the current plugin is really bogus.Thanks, Hmm, I was not aware of bogus ip_ munin plugin. Do you have better idea how to track network traffic in munin? Brumela ------------------------------------------------------------------------- This SF.net email is sponsored by DB2 Express Download DB2 Express C - the FREE version of DB2 express and take control of your XML. No limits. Just data. Click to get it now. http://sourceforge.net/powerbar/db2/
bruma wrote:> 2007/6/27, Tom Eastep <teastep@shorewall.net>: >> Just place the commands in /etc/shorewall/start, replacing ''iptables'' with >> ''run_iptables''. >> >> Munin needs a better iptables plugin -- having INPUT and OUTPUT hardcoded in >> the current plugin is really bogus. > > Thanks, > > Hmm, I was not aware of bogus ip_ munin plugin. Do you have better > idea how to track network traffic in munin?Not with the current plugin. -Tom -- Tom Eastep \ Nothing is foolproof to a sufficiently talented fool Shoreline, \ http://shorewall.net Washington USA \ teastep@shorewall.net PGP Public Key \ https://lists.shorewall.net/teastep.pgp.key ------------------------------------------------------------------------- This SF.net email is sponsored by DB2 Express Download DB2 Express C - the FREE version of DB2 express and take control of your XML. No limits. Just data. Click to get it now. http://sourceforge.net/powerbar/db2/