-*- outline -*-

                        README of ipts

$Id: 00README,v 1.3 2006/08/16 12:15:22 sierrajuliett Exp $

---------------------------------------
* Υѥå˴ޤޤƤե
---------------------------------------

00README -- Υե
iptables-setup.pl -- perl ץ

ʾ塢ĤǤ

-----------
* Ȥ
-----------

root¤ǡ

# iptables-setup.pl

ȼ¹Ԥȡshell script "myiptables-setup.sh"졢
¹Ԥˡiptables-saveƤӽФơ"iptables"Ȥ
ե˷̤쥯Ȥޤ

줿եϡץѤ뤳Ȥǡ
ǤդΥǥ쥯ȥǤޤ

standalone clientserverrouterѤΣĤ򤹤褦
ʤäƤޤ

# ./iptables-setup.pl

ȼ¹Ԥȡ

1 : standalone client host
2 : server
3 : router

ʹƤޤΤǡ13οϤ򤷤Ƥ

ˡǥեȡȥΥ󥿡ե̾ʹޤΤǡ
Ϥޤ

ʾ塢Ĥμȡiptables ꤹ뤿
륹ץȤ /etc/init.d/iptables ƤӽФ
եޤ

------------
* ץ
------------

ƥѤˡץѰդޤ

        -help : help ɽ
        -directory : եȤǥ쥯ȥꤹ
                     (e.g. -directory ./)
        -scriptonly : ץ(myiptables-setup.pl)뤬
                      ¹ԤϤʤ

------
* ư
------

iptables-setup.pl¹Ԥȡ

/DIR/myiptables-setup.sh
/DIR/iptables

ȤĤΥեޤ

# "/DIR/"ʬϡ* ƥȻ˽񤭴ȤפɤǤ

o /DIR/myiptables-setup.sh

  iptables ¹Ԥ뤿ΥץȤǤclientѡserverѡrouter
  ѤΣĤ꤬Ǥޤ

  serverѤϡä˲ΥФòwebѤʤɡˤˤϤʤ
  Ƥޤ󡣤ĤΥݡȤ򳫤ƤǤ

  routerѤΥץȤϡʬ˥ƥȤƤޤ󡣻䤬ʻȤäƤ
  ꤫顢̾ѤɬפȻפʬȴ褷Ǥ

o /DIR/iptables

  /etc/init.d/iptables start ˡɤ߹ޤեǤ
  ΥץȤ¹Ԥ塢iptables-saveƤӽФƤ
  


----------------------------
* ƥȻ˽񤭴Ȥ
----------------------------

ǥեȤǤϡ

my $DEFAULT_DIRECTORY = "/etc/sysconfig/";
my $DEFAULT_SCRIPT_FNAME = "myiptables-setup.sh";
my $DEFAULT_CFG_FNAME = "iptables";

ȤʤäƤꡢ

륹ץ̾ϡ"/etc/sysconfig/myiptables-setup.sh"
iptables  rule set ե̾ϡ/etc/sysconfig/iptables" Ǥ

⤷⡢ѹˤϡŬ񤭴Ƥ

* ץפΤȤ˽񤤤ƤޤץǤ⡢
Ϥǥ쥯ȥѹ뤳ȤǤޤ-directoryץˡ


ƥѤˡץꤹ뤳ȤǤޤ

        -help : help ɽ
        -directory : եȤǥ쥯ȥꤹ
                     (e.g. -directory ./)
        -scriptonly : ץ(myiptables-setup.pl)뤬
                      ¹ԤϤʤ

------
* ɵ
------

Υǥȥǡloopback interfaceΥѥåȤŪ˵Ĥʤ
ʤΤäΤǡ򤿤ɤäACCEPTˤ

# dnsưƤۥȤǤ򤷤ƤʤȡۥȾ̾
# 褬ǤʤdigȤǤʤˡ

@SIMPLE_SETTING
  "\$IPTABLES -A allowed -i lo -j ACCEPT"
ʬ

Vine ǤɬפΤʤǤ
