Iceditch file structure

From SaruWiki
Jump to navigation Jump to search

Iceditch is quite a simple script, so it has only a few files. In a standard Debian environment, you'll find these files:

This is the "rulefile", that contains your actual firewall rules (in Iceditch IPtables language).

This is the "config file", a file that contains all default parameters that Iceditch needs for your firewall, like aliases for your NICs (like Inet=eth0). This is also the place where you would stuff your custom functions, so that you could call them from the rulefile when necessary.

This is the optional "parameter file", a file that may contain lists of parameters that you would want to read into your firewall. An example would be a list like

IPblocked= # don't want any traffic to the switch from here
IPblocked=    # Blocked on 2008-07-05 for hacking attempts

These three files may or may not exist; they're backups of the rulefile and parameter file, made by Iceditch itself when you told it to. These will be the source of the "new" rules and parameters, when Iceditch performs a fallback after a safestart, or when you call iceditch restore.

This is the firewall script itself. It's an executable shellscript.

This is only a symlink to the iceditch script itself.