Iceditch file structure

From SaruWiki

Iceditch is quite a simple script, so it has only a few files. In a standard Debian environment, you'll find these files:

/etc/iceditch/rules.conf
This is the "rulefile", which contains your actual firewall rules (in Iceditch IPtables language).

/etc/iceditch/iceditch.conf
This is the "config file", which contains all the default parameters that Iceditch needs for your firewall, such as aliases for your NICs (for example Inet=eth0). This is also the place to put your custom functions, so that you can call them from the rulefile when necessary.

/etc/iceditch/params.conf
This is the optional "parameter file", which may contain lists of parameters that you want to read into your firewall. An example would be a list like:

IPblocked=192.168.1.14 # don't want any traffic to the switch from here
IPblocked=216.73.93.8
IPblocked=127.0.0.2    # Blocked on 2008-07-05 for hacking attempts

/etc/iceditch/backup/.rules.bak,
/etc/iceditch/backup/.config.bak,
/etc/iceditch/backup/.params.bak
These three files may or may not exist; they're backups of the rulefile and parameter file, made by Iceditch itself when you tell it to. They are the source of the "new" rules and parameters when Iceditch performs a fallback after a safestart, or when you call iceditch restore.

/bin/iceditch
This is the firewall script itself. It's an executable shell script.

/etc/init.d/iceditch
This is only a symlink to the iceditch script itself.
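
An added example, not part of Iceditch or of the original page: a shell function that audits ownership and write permissions on the files listed above, because anyone who can edit them (or the backups that iceditch restore reads from) controls the firewall. The function name, the ROOT prefix argument and the policy itself (owned by root, not writable by group or others) are assumptions of this example.

```shell
#!/bin/sh
# Added example (not Iceditch code): audit the files listed on this page.
# Assumption: the firewall runs as root and reads these files with root's
# privileges, so none of them may be writable by group or others.

ICEDITCH_FILES="/etc/iceditch/rules.conf /etc/iceditch/iceditch.conf
/etc/iceditch/params.conf /etc/iceditch/backup/.rules.bak
/etc/iceditch/backup/.config.bak /etc/iceditch/backup/.params.bak
/bin/iceditch"

# audit_iceditch [ROOT] [UID]
#   ROOT: optional path prefix, to audit a staged or mounted copy (hypothetical)
#   UID:  expected numeric owner, 0 on a live system
# Prints one FAIL line per finding; returns 0 when clean, 1 otherwise.
audit_iceditch() {
    root=${1:-} want_uid=${2:-0} bad=0
    for f in $ICEDITCH_FILES; do
        p=$root$f
        [ -e "$p" ] || continue   # params.conf and the backups may not exist
        owner=$(ls -dnL "$p" | awk '{print $3}')
        if [ "$owner" != "$want_uid" ]; then
            echo "FAIL $f: owned by uid $owner, expected $want_uid"; bad=1
        fi
        # -perm -020 matches group-writable, -perm -002 world-writable
        if [ -n "$(find -H "$p" -prune \( -perm -020 -o -perm -002 \) -print)" ]; then
            echo "FAIL $f: writable by group or others"; bad=1
        fi
    done
    # The init script must resolve to the same file as /bin/iceditch.
    link=$root/etc/init.d/iceditch
    if [ -e "$link" ] || [ -L "$link" ]; then
        if [ ! -L "$link" ] || [ ! "$link" -ef "$root/bin/iceditch" ]; then
            echo "FAIL /etc/init.d/iceditch: not a symlink to /bin/iceditch"; bad=1
        fi
    fi
    return "$bad"
}
```

On a live system, call audit_iceditch with no arguments as root; a non-zero return means at least one FAIL line was printed.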