Iceditch IPtables language: Difference between revisions

From SaruWiki
Jump to navigation Jump to search
(Started explaining Context)
(No difference)

Revision as of 21:25, 27 June 2008

The Iceditch control language

If you know and understand IPtables commands, then the syntax of the Iceditch control language seems very simple to you. When you realise that it's only goal is to simplify standard IPtables commands __without__ taking away their incredible power or flexibility, you'll also realise that this is actually inevitable. But let's not linger here: dip in!

The Context header

Just about every IPtables command that creates a firewall rule, acts on some firewall table, and some firewall chain. These are found in the IPtables invocation, and are specified by options -A (add to chain) and -t (use table). Thus, the rule

iptables -A INPUT -t filter -d 10.0.0.1 -j DROP

works in chain INPUT and table filter.