Re: [bwm-tools-tech] Rule Help
Brought to you by:
nkukard
Menu
▾
▴
Re: [bwm-tools-tech] Rule Help
|
From: Ravi P. <ra...@sw...> - 2006-09-20 20:32:51
|
Hello,
You have to define Allow_SSH, ATG_Office also as classes in the global
section.
When you run your xml file as under:
bwm_firewall -c example.xml -faa
Where aa is the output file. This file is what has to get added into the
iptables file.
Regards
Ravi
-----Original Message-----
From: Andrew Niemantsverdriet [mailto:and...@gm...]
Sent: Saturday, September 16, 2006 4:45 AM
To: ra...@sw...; Bandwidth Management Tools General & Technical
Discussions
Subject: Re: [bwm-tools-tech] Rule Help
Ok how about a diffrent way. I just want to block all traffic so that an IP
can talk at all. I tried the rule set below but it is not working any hints
to get it working?
<global>
<class name="test">
<address src="10.2.0.101/32"/>
</class>
</global>
<acl>
<table name="filter">
<chain name="INPUT" default="DROP">
<rule name="allowed_traffic" target="ACCEPT">
Allow_SSH
</rule>
</chain>
<chain name="FORWARD" default="ACCEPT">
<rule name="controlled_traf" target="bwmd">
ATG_Office
</rule>
</chain>
<chain name="OUTPUT" default="ACCEPT">
<rule name="blocked_traffic" target="DROP">
test
</rule>
</chain>
</table>
</acl>
On 9/13/06, Ravi Patwari <ra...@sw...> wrote:
> The way I do it is to have iptables do the firewalling and bwm do only
> the bandwidth management. Its easier and cleaner.
>
> You have to jump back to the input queue after it exits from bwm queue.
>
> Regards
> Ravi
>
> -----Original Message-----
> From: bwm...@li...
> [mailto:bwm...@li...] On Behalf Of
> Andrew Niemantsverdriet
> Sent: Thursday, September 14, 2006 3:01 AM
> To: bwm...@li...
> Subject: [bwm-tools-tech] Rule Help
>
> I am trying to write a firewall rule to not allow any port but port 80
> for a entire subnet of IP's. I am not sure how to do this in bwm_tools
> any suggestions. The subnet range I am trying to use is 10.1.1.0/24 if
> that makes a diffrence.
>
> ----------------------------------------------------------------------
> --- Using Tomcat but need to do more? Need to support web services,
> security?
> Get stuff done quickly with pre-integrated technology to make your job
> easier Download IBM WebSphere Application Server v.1.0.1 based on
> Apache Geronimo
> http://sel.as-us.falkag.net/sel?cmd=lnk&kid=120709&bid=263057&dat=1216
> 42 _______________________________________________
> bwm-tools-tech mailing list
> bwm...@li...
> https://lists.sourceforge.net/lists/listinfo/bwm-tools-tech
>
>
> ----------------------------------------------------------------------
> --- Using Tomcat but need to do more? Need to support web services,
> security?
> Get stuff done quickly with pre-integrated technology to make your job
> easier Download IBM WebSphere Application Server v.1.0.1 based on
> Apache Geronimo
> http://sel.as-us.falkag.net/sel?cmd=lnk&kid=120709&bid=263057&dat=1216
> 42 _______________________________________________
> bwm-tools-tech mailing list
> bwm...@li...
> https://lists.sourceforge.net/lists/listinfo/bwm-tools-tech
>
|
