Thread: [bwm-tools-tech] Rule Help
From: Andrew N. <and...@gm...> - 2006-09-13 21:31:09
I am trying to write a firewall rule to not allow any port but port 80 for an entire subnet of IPs. I am not sure how to do this in bwm_tools; any suggestions? The subnet range I am trying to use is 10.1.1.0/24, if that makes a difference.
From: Ravi P. <ra...@sw...> - 2006-09-13 21:55:51
The way I do it is to have iptables do the firewalling and bwm do only the bandwidth management. It's easier and cleaner.

You have to jump back to the input queue after it exits from bwm queue.

Regards
Ravi
From: Andrew N. <and...@gm...> - 2006-09-15 23:15:07
Ok, how about a different way. I just want to block all traffic so that an IP can talk at all. I tried the rule set below but it is not working; any hints to get it working?

    <global>
      <class name="test">
        <address src="10.2.0.101/32"/>
      </class>
    </global>
    <acl>
      <table name="filter">
        <chain name="INPUT" default="DROP">
          <rule name="allowed_traffic" target="ACCEPT">
            Allow_SSH
          </rule>
        </chain>
        <chain name="FORWARD" default="ACCEPT">
          <rule name="controlled_traf" target="bwmd">
            ATG_Office
          </rule>
        </chain>
        <chain name="OUTPUT" default="ACCEPT">
          <rule name="blocked_traffic" target="DROP">
            test
          </rule>
        </chain>
      </table>
    </acl>
From: Ravi P. <ra...@sw...> - 2006-09-20 20:32:51
Hello,

You have to define Allow_SSH, ATG_Office also as classes in the global section.

When you run your XML file as under:

    bwm_firewall -c example.xml -faa

Where aa is the output file. This file is what has to get added into the iptables file.

Regards
Ravi
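Ravi's point that every class named inside a rule must also be defined in the global section can be checked mechanically before running bwm_firewall. The script below is an added example, not part of the original thread or of bwm_tools; it assumes a rule body is a whitespace-separated list of class names, and `POSTED_CONFIG`, `parse_config` and `undefined_class_refs` are names made up here.

```python
import xml.etree.ElementTree as ET

# Constructed sample: the rule set as posted in the thread (fragment, no root element).
POSTED_CONFIG = """
<global>
  <class name="test">
    <address src="10.2.0.101/32"/>
  </class>
</global>
<acl>
  <table name="filter">
    <chain name="INPUT" default="DROP">
      <rule name="allowed_traffic" target="ACCEPT"> Allow_SSH </rule>
    </chain>
    <chain name="FORWARD" default="ACCEPT">
      <rule name="controlled_traf" target="bwmd"> ATG_Office </rule>
    </chain>
    <chain name="OUTPUT" default="ACCEPT">
      <rule name="blocked_traffic" target="DROP"> test </rule>
    </chain>
  </table>
</acl>
"""

def parse_config(text):
    """Parse a config; a fragment with several top-level elements is wrapped."""
    try:
        return ET.fromstring(text)
    except ET.ParseError:
        # Assumption: the failure is due to multiple roots, as in the posted fragment.
        return ET.fromstring("<wrapper>" + text + "</wrapper>")

def undefined_class_refs(text):
    """Return (chain, rule, class) for each rule naming a class not in <global>."""
    root = parse_config(text)
    defined = {c.get("name") for g in root.iter("global") for c in g.iter("class")}
    missing = []
    for chain in root.iter("chain"):
        for rule in chain.iter("rule"):
            # Assumption: the rule body lists class names separated by whitespace.
            for ref in (rule.text or "").split():
                if ref not in defined:
                    missing.append((chain.get("name"), rule.get("name"), ref))
    return missing

if __name__ == "__main__":
    for chain, rule, ref in undefined_class_refs(POSTED_CONFIG):
        print(f"chain {chain}: rule {rule!r} references undefined class {ref!r}")
```

Run against the posted rule set, it flags the INPUT and FORWARD rules, while the `test` class used in OUTPUT is already defined.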