On 11/03/2011 08:03 PM, Fajar Priyanto wrote:
> On Fri, Nov 4, 2011 at 10:15 AM, KevinO <kevin@xxxxxxxxxx> wrote:
>>> anyways, whatever, yes, you can do it with iptables, but not all off the
>>> shelf firewall script generators will support multiple LAN subnets. I
>>> usually write my own iptables rulesets.
>>>
>> I can say first hand that fwbuilder easily handles managing scripts for multiple
>> subnets and aliased addressing on NIC's. I use separate interface cards for each
>> subnet, however. (5 NIC's, 4 internal subnets, 3 public IP's on the one external
>> facing NIC)
>
> Hi Kevin,
> Expanding my original question.
> I have a need to open and close iptables rules based on particular
> time, say 1 week later, 1 month later, etc.
> Currently I have a simple script to do that:
> - Create the rules.
> - Create atd job to delete the rule based on the defined time.
> - Log it.
> It works, but not elegant :)
>
> Does fwbuilder have that function?
I'm not sure, and I don't have time to fire it up and check right now. I don't
have the latest version, anyway. I think there is an extensive manual on the
project's website and that will give you all of the details.
--
KevinO
_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos
