Iceditch file structure

From SaruWiki
Jump to navigation Jump to search

Iceditch is quite a simple script, so it has only a few files. In a standard Debian environment, you'll find these files:

/etc/iceditch/rules.conf
This is the "rulefile", that contains your actual firewall rules (in Iceditch IPtables language).

/etc/iceditch/iceditch.conf
This is the "config file", a file that contains all default parameters that Iceditch needs for your firewall, like aliases for your NICs (like Inet=eth0). This is also the place where you would stuff your custom functions, so that you could call them from the rulefile when necessary.

/etc/iceditch/params.conf
This is the optional "parameter file", a file that may contain lists of parameters that you would want to read into your firewall. An example would be a list like

IPblocked=192.168.1.14 # don't want any traffic to the switch from here
IPblocked=216.73.93.8
IPblocked=127.0.0.2    # Blocked on 2008-07-05 for hacking attempts

/etc/iceditch/backup/.rules.bak,
/etc/iceditch/backup/.config.bak,
/etc/iceditch/backup/.params.bak
These three files may or may not exist; they're backups of the rulefile and parameter file, made by Iceditch itself when you told it to. These will be the source of the "new" rules and parameters, when Iceditch performs a fallback after a safestart, or when you call iceditch restore.

/bin/iceditch
This is the firewall script itself. It's an executable shellscript.

/etc/init.d/iceditch
This is only a symlink to the iceditch script itself.