[KLUG Members] ipcop ipchains rules

Bruce Smith members@kalamazoolinux.org
20 Feb 2002 11:35:00 -0500

Previous message: [KLUG Members] ipcop ipchains rules
Next message: [KLUG Members] ipcop ipchains rules
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

> 0 23 * * * /sbin/ipchains -I ethernetout 1 -i eth1 -j DENY
> 0 23 * * * /sbin/ipchains -I ethernetin 1 -i eth1 -j DENY
> 
> 0 6 * * * /sbin/ipchains -D ethernetout 1 -i eth1
> 0 6 * * * /sbin/ipchains -D ethernetin 1 -i eth1
> 
> When I type the /sbin/ipchains part of the listings in  at the command prompt 
> I first get the error "ethernetout chain name too long must be 8 characters 
> or less" 
> 
> I change the name to etherout and run the command again and get the error "no 
> target by that name".    
> 
> Any suggestions on what I am doing wrong??

I took a quick look at the chains on my IPCOP box, and I would 
*GUESS* that you should use "ipac_in" and "ipac_out" instead of
ethernetin & ethernetout.

It also appears you might be able to use a single ipchains command 
using the chain name "ipac_bth" to handle both in & out at once.

I'm not home, so I can't try it now (without locking myself out).

This also assumes you are running version 0.1.1 with the latest update.

--------------------------------------------
Bruce Smith                bruce@armintl.com
System Administrator / Network Administrator
Armstrong International, Inc.
Three Rivers, Michigan  49093  USA
http://www.armstrong-intl.com/
--------------------------------------------

Previous message: [KLUG Members] ipcop ipchains rules
Next message: [KLUG Members] ipcop ipchains rules
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]