Hi all,
I have compiled Bwm successfully and followed step 4, "Integrating Bwm Tools", in the Bwm manual. However, I ran into the following problems. Here are the steps I took; my firewall.xml file is attached at the end. Do I need to install iptables in the kernel? Please help me. Thanks.
==========================================================================
$ ./bwm_firewall -f=iptables-restore
BWM Firewall v0.2.1 - Copyright (c) 2003-2005 Linux Based Systems Design
Loading configuration from "/etc/bwm_tools/firewall.xml"...
ERROR: Class http_traffic_in invalid, ignoring
ERROR: Class smtp_traffic_in invalid, ignoring
ERROR: Class p2p_traffic_in invalid, ignoring
ERROR: Class http_traffic_out invalid, ignoring
ERROR: Class smtp_traffic_out invalid, ignoring
ERROR: Class p2p_traffic_out invalid, ignoring
Writing IPTables configuration to "=iptables-restore"...
$ iptables-restore < /etc/sysconfig/iptables
bash: /etc/sysconfig/iptables: No such file or directory
$ ./bwmd -f
BWM Daemon v0.2.1 - Copyright (c) 2003-2005 Linux Based Systems Design
BWMD: Loaded 8 flows and 0 queues
BWMD: Found 0 modules to load
IPQ runner started...
Failed to set IPQ mode
passer: Failed to send netlink message: Connection refused
Failed to get IPQ handle
Flow runner started...
===========================================================
This is my firewall.xml file.
===========================================================
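<firewall>
  <!-- Review note: this listing is the mail's quoted-printable text decoded
       ("=3D" is "=", "=20" is a space, a trailing "=" is a soft line break).
       Tags that the soft breaks had split across lines are rejoined, so the
       attribute syntax is well-formed again. No values were changed. -->

  # Global configuration and access classes
  <global>
    <!-- Only two classes are defined here: http_traffic and ssh_traffic. -->
    <class name="http_traffic">
      <address dst="192.168.4.50" proto="tcp" dst-port="80"/>
    </class>
    <class name="ssh_traffic">
      <address dst="192.168.4.50" proto="tcp" dst-port="22"/>
    </class>
  </global>

  # Access control lists
  <acl>
    <table name="filter">
      <!-- INPUT drops by default and accepts only the two classes above.
           Nothing visible here admits loopback traffic or replies to
           connections this host opens itself (OUTPUT defaults to ACCEPT),
           so confirm that is intended before loading the ruleset,
           especially over a remote SSH session.
           ssh_traffic matches any source address; consider narrowing it if
           only known management hosts need access. -->
      <chain name="INPUT" default="DROP">
        <rule name="allowed_traffic" target="ACCEPT">
          http_traffic
          ssh_traffic
        </rule>
      </chain>
      <chain name="FORWARD" default="DROP">
      </chain>
      <chain name="OUTPUT" default="ACCEPT">
      </chain>
    </table>
  </acl>

  # Traffic flows
  <traffic>
    <!-- Each inner flow names a class (http_traffic_in, smtp_traffic_in,
         p2p_traffic_in and the matching _out names) that <global> does not
         define. bwm_firewall reports each one as "Class ... invalid,
         ignoring", so presumably nothing is classified into these flows.
         Define the classes in <global> or reference existing ones. -->
    <flow name="dsl_line_in" max-rate="64000" report-timeout="60">
      <flow name="http_in" max-rate="32000" burst-rate="64000" nfmark="100">
        http_traffic_in
      </flow>
      <flow name="smtp_in" max-rate="8000" burst-rate="32000" nfmark="101">
        smtp_traffic_in
      </flow>
      <flow name="p2p_in" max-rate="24000" burst-rate="32000" nfmark="102">
        p2p_traffic_in
      </flow>
    </flow>
    <flow name="dsl_line_out" max-rate="64000" report-timeout="60">
      <flow name="http_out" max-rate="32000" burst-rate="64000" nfmark="200">
        http_traffic_out
      </flow>
      <flow name="smtp_out" max-rate="8000" burst-rate="32000" nfmark="201">
        smtp_traffic_out
      </flow>
      <flow name="p2p_out" max-rate="24000" burst-rate="32000" nfmark="202">
        p2p_traffic_out
      </flow>
    </flow>
  </traffic>

</firewall>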
Rgds,
victor |