Rex::Commands::Iptables - Online Linux Manual Page
Section : 3
Updated : 2021-03-06
Source : perl v5.32.1
Note : User Contributed Perl Documentation

NAME
Rex::Commands::Iptables - Iptable Management Commands

DESCRIPTION
With this module you can manage basic iptables rules.

Version <= 1.0: All these functions will not be reported.

Only open_port and close_port are idempotent.

SYNOPSIS
    use Rex::Commands::Iptables;

    task "firewall", sub {
      iptables_clear;

      open_port 22;
      open_port [22, 80] => {
        dev => "eth0",
      };

      close_port 22 => {
        dev => "eth0",
      };
      close_port "all";

      redirect_port 80 => 10080;
      redirect_port 80 => {
        dev => "eth0",
        to  => 10080,
      };

      default_state_rule;
      default_state_rule dev => "eth0";

      is_nat_gateway;

      iptables t => "nat",
               A => "POSTROUTING",
               o => "eth0",
               j => "MASQUERADE";

      # The 'iptables' function also accepts long options,
      # however, options with dashes need to be quoted
      iptables table => "nat",
               append => "POSTROUTING",    # long form of A
               "out-interface" => "eth0",
               jump => "MASQUERADE";

      # Version of IP can be specified in the first argument
      # of any function: -4 or -6 (defaults to -4)
      iptables_clear -6;

      open_port -6, [22, 80];
      close_port -6, "all";
      redirect_port -6, 80 => 10080;
      default_state_rule -6;

      iptables -6, "flush";
      iptables -6,
               t => "filter",
               A => "INPUT",
               i => "eth0",
               m => "state",
               state => "RELATED,ESTABLISHED",
               j => "ACCEPT";
    };

EXPORTED FUNCTIONS

open_port($port, $option)
Open a port for inbound connections.

    task "firewall", sub {
      open_port 22;
      open_port [22, 80];
      open_port [22, 80],
        dev => "eth1";
    };

    task "firewall", sub {
      open_port 22,
        dev     => "eth1",
        only_if => "test -f /etc/firewall.managed";
    };

close_port($port, $option)
Close a port for inbound connections.

    task "firewall", sub {
      close_port 22;
      close_port [22, 80];
      close_port [22, 80],
        dev     => "eth0",
        only_if => "test -f /etc/firewall.managed";
    };

redirect_port($in_port, $option)
Redirect $in_port to another local port.

    task "redirects", sub {
      redirect_port 80 => 10080;
      redirect_port 80 => {
        to  => 10080,
        dev => "eth0",
      };
    };

iptables(@params)
Write standard iptables commands.

Note that there is a short form for the iptables --flush option; when you pass the option of -F|"flush" as the only argument, the command iptables -F is run on the connected host. With the two-argument form of flush shown in the examples below, the second argument is the table you want to flush.

    task "firewall", sub {
      iptables t => "nat", A => "POSTROUTING", o => "eth0", j => "MASQUERADE";
      # a rule needs a chain command; A => "INPUT" as in the SYNOPSIS
      iptables t => "filter", A => "INPUT", i => "eth0", m => "state", state => "RELATED,ESTABLISHED", j => "ACCEPT";

      # automatically flushes all tables; equivalent to 'iptables -F'
      iptables "flush";
      iptables -F;

      # flush only the "filter" table
      iptables flush => "filter";
      iptables -F => "filter";
    };

    # Note: options containing dashes need to be quoted to escape them from Perl
    task "long_form_firewall", sub {
      iptables table => "nat",
           append => "POSTROUTING",
           "out-interface" => "eth0",
           jump => "MASQUERADE";
      iptables table => "filter",
           append => "INPUT",
           "in-interface" => "eth0",
           match => "state",
           state => "RELATED,ESTABLISHED",
           jump => "ACCEPT";
    };
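Because only open_port and close_port are idempotent, a raw iptables call with A => ... appends the same rule again every time the task runs. The following is an added example, not part of the Rex documentation: ensure_rule is a hypothetical helper that asks "iptables -C" whether the rule is already loaded before appending it. It assumes IPv4, root access on the managed host, and an iptables binary that supports -C.

```perl
use Rex -base;
use Rex::Commands::Iptables;

# Hypothetical helper (not part of Rex): append a rule only when
# `iptables -C` reports that an identical rule is not loaded yet.
# Takes the same ordered key => value list as iptables(); IPv4 only.
sub ensure_rule {
  my @rule  = @_;
  my @pairs = @rule;
  my @argv;

  while ( my ( $key, $value ) = splice( @pairs, 0, 2 ) ) {
    # The values end up on a shell command line, so refuse anything
    # outside a conservative character set instead of quoting it.
    die "unsafe iptables argument: $key => $value\n"
      unless "$key$value" =~ /\A[A-Za-z0-9_.,:\/-]+\z/;

    # Same rule specification, but checked (-C) instead of appended (-A).
    $key = "C" if $key eq "A" || $key eq "append";
    push @argv, ( length($key) == 1 ? "-$key" : "--$key" ), $value;
  }

  # auto_die => 0: a non-zero exit here only means "rule not present".
  run "iptables " . join( " ", @argv ), auto_die => 0;
  return 0 if $? == 0;    # already present, nothing appended

  iptables @rule;
  return 1;               # rule was appended
}

task "gateway_rules", sub {
  open_port [ 22, 80 ];   # idempotent on its own
  ensure_rule t => "nat", A => "POSTROUTING", o => "eth0", j => "MASQUERADE";
  ensure_rule t => "filter", A => "INPUT", i => "eth0",
    m => "state", state => "RELATED,ESTABLISHED", j => "ACCEPT";
};
```

Running the task twice leaves one copy of each rule in the chain; without the check, the second run would add duplicates.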

is_nat_gateway
This function creates a NAT gateway for the device the default route points to.

    task "make-gateway", sub {
      is_nat_gateway;
      is_nat_gateway -6;
    };

default_state_rule(%option)
Set the default state rules for the given device.

    task "firewall", sub {
      default_state_rule(dev => "eth0");
    };

iptables_list
List all iptables rules.

    use Data::Dumper;    # provides Dumper

    task "list-iptables", sub {
      print Dumper iptables_list;
      print Dumper iptables_list -6;
    };

iptables_clear
Remove all iptables rules.

    task "no-firewall", sub {
      iptables_clear;
    };