[olug] forgive me, for i am lazy

Rob Townley rob.townley at gmail.com
Sun Aug 8 03:15:14 UTC 2010


On Sat, Aug 7, 2010 at 8:48 PM, Will Langford <unfies at gmail.com> wrote:
> i've not done much with a gateway / router type system under centos that
> needs to handle a half dozen ip's and interfaces.  stand alone on the
> internet sure (think simple web server or home server)... but nothing that
> acts as the beach head for a network of hundreds of machines...
>
> i tried for 10min to google this answer but was getting sick and tired of
> reading unrelated pages... anyone care to point me in the right direction ?
>
> i'm migrating this from a shell script and would like to possibly get it set
> up entirely from /etc/sysconfig/iptables ?
>
> is it possible to do bash style variable assignment in this file ?
>
> in the shell script, i have interfaces and ip addresses assigned to
> variables and then those variables used throughout the 7 page script.  i'd
> really prefer to keep using variables in sysconfig/iptables as well...
>
> -will
> _______________________________________________
> OLUG mailing list
> OLUG at olug.org
> https://lists.olug.org/mailman/listinfo/olug
>

So if you have a bash script that generates the
/etc/sysconfig/iptables file like
http://www.adamhaeder.com/sample_firewall.html,
then why are variables needed in iptables itself?

Now, that i look at this again, i don't see a COMMIT at
the end.

Anything touching this file will probably sound off all kinds of
silent selinux alarm bells,
remember the capital Z in ls -Z to get selinux labels and sestatus.



More information about the OLUG mailing list