Rex::Commands::Iptables - Online Linux Manual Page
Section : 3
Updated : 2021-03-06
Source : perl v5.32.1
Note : User Contributed Perl Documentation
NAME
Rex::Commands::Iptables - Iptable Management Commands

DESCRIPTION
With this Module you can manage basic Iptables rules.

Version <= 1.0: All these functions will not be reported.

Only open_port and close_port are idempotent.

SYNOPSIS
    use Rex::Commands::Iptables;

    task "firewall", sub {
      iptables_clear;

      open_port 22;
      open_port [22, 80] => {
        dev => "eth0",
      };

      close_port 22 => {
        dev => "eth0",
      };
      close_port "all";

      redirect_port 80 => 10080;
      redirect_port 80 => {
        dev => "eth0",
        to  => 10080,
      };

      default_state_rule;
      default_state_rule dev => "eth0";

      is_nat_gateway;

      iptables t => "nat",
               A => "POSTROUTING",
               o => "eth0",
               j => "MASQUERADE";

      # The 'iptables' function also accepts long options,
      # however, options with dashes need to be quoted
      iptables table           => "nat",
               append          => "POSTROUTING",
               "out-interface" => "eth0",
               jump            => "MASQUERADE";

      # Version of IP can be specified in the first argument
      # of any function: -4 or -6 (defaults to -4)
      iptables_clear -6;

      open_port -6, [22, 80];
      close_port -6, "all";
      redirect_port -6, 80 => 10080;
      default_state_rule -6;

      iptables -6, "flush";
      iptables -6,
               t     => "filter",
               A     => "INPUT",
               i     => "eth0",
               m     => "state",
               state => "RELATED,ESTABLISHED",
               j     => "ACCEPT";
    };

EXPORTED FUNCTIONS

open_port($port, $option)
Open a port for inbound connections.

    task "firewall", sub {
      open_port 22;
      open_port [22, 80];
      open_port [22, 80],
        dev => "eth1";
    };

    task "firewall", sub {
      open_port 22,
        dev     => "eth1",
        only_if => "test -f /etc/firewall.managed";
    };

close_port($port, $option)
Close a port for inbound connections.

    task "firewall", sub {
      close_port 22;
      close_port [22, 80];
      close_port [22, 80],
        dev     => "eth0",
        only_if => "test -f /etc/firewall.managed";
    };

redirect_port($in_port, $option)
Redirect $in_port to another local port.

    task "redirects", sub {
      redirect_port 80 => 10080;
      redirect_port 80 => {
        to  => 10080,
        dev => "eth0",
      };
    };

iptables(@params)
Write standard iptables commands.

Note that there is a short form for the iptables --flush option: when you pass -F or "flush" as the only argument, the command iptables -F is run on the connected host. With the two-argument form of flush shown in the examples below, the second argument is the table you want to flush.

    task "firewall", sub {
      iptables t => "nat", A => "POSTROUTING", o => "eth0", j => "MASQUERADE";
      iptables t => "filter", A => "INPUT", i => "eth0", m => "state", state => "RELATED,ESTABLISHED", j => "ACCEPT";

      # automatically flushes all tables; equivalent to 'iptables -F'
      iptables "flush";
      iptables -F;

      # flush only the "filter" table
      iptables flush => "filter";
      iptables -F => "filter";
    };

    # Note: options with dashes "-" need to be quoted to escape them from Perl
    task "long_form_firewall", sub {
      iptables table           => "nat",
               append          => "POSTROUTING",
               "out-interface" => "eth0",
               jump            => "MASQUERADE";

      iptables table          => "filter",
               append         => "INPUT",
               "in-interface" => "eth0",
               match          => "state",
               state          => "RELATED,ESTABLISHED",
               jump           => "ACCEPT";
    };

is_nat_gateway
This function creates a NAT gateway for the device the default route points to.

    task "make-gateway", sub {
      is_nat_gateway;
      is_nat_gateway -6;
    };

default_state_rule(%option)
Set the default state rules for the given device.

    task "firewall", sub {
      default_state_rule(dev => "eth0");
    };

iptables_list
List all iptables rules.

    use Data::Dumper;

    task "list-iptables", sub {
      print Dumper iptables_list;
      print Dumper iptables_list -6;
    };

iptables_clear
Remove all iptables rules.

    task "no-firewall", sub {
      iptables_clear;
    };
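
A dual-stack baseline built only from the functions documented above, so that the IPv6 rule set does not drift from the IPv4 one. This is an added example, not part of the Rex documentation; the task name, the port list and the decision to clear the rules first are assumptions of the illustration.

```perl
# Rexfile (added illustration, not taken from the Rex distribution)
use Rex -base;
use Rex::Commands::Iptables;
use Data::Dumper;

# Assumption: these are the only inbound services this host offers.
my @allowed_ports = ( 22, 80, 443 );

desc "Apply the same inbound policy to IPv4 and IPv6";
task "firewall_baseline", sub {

  # The IP version is passed as the first argument, as in the SYNOPSIS.
  for my $ip_version ( -4, -6 ) {

    # Only open_port and close_port are documented as idempotent, so
    # start from an empty rule set to keep repeated runs from adding
    # the non-idempotent rules a second time.
    iptables_clear($ip_version);

    # State rules and the allowed ports go in before the catch-all
    # close, so the SSH port Rex itself connects over is opened before
    # everything else is closed.
    default_state_rule($ip_version);
    open_port( $ip_version, [@allowed_ports] );

    # Close every inbound port that was not opened above.
    close_port( $ip_version, "all" );
  }

  # Dump both rule sets so the result of the run can be reviewed.
  print Dumper( iptables_list() );
  print Dumper( iptables_list(-6) );
};
```

Run it with `rex firewall_baseline` against a test host first and compare the two dumps before rolling it out.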