On Wednesday 23 October 2002 07:58, Andrew Smith wrote:
> > HI,
> > Is there any netfilter extension which allows time based changing
> > of iptables rules. This is because sometimes you need to open up
> > some ports for a fixed period of time and then you forget to remove
> > the rule. A time based rule will automatically delete itself. I
> > realise the security implications, but do they exist ?
> Actually, if such a beast existed I would guess it would work
> differently.
> The Rule would always exist with time attributes and two targets ...
> one for when it is available and one for when it isn't.
> Anyone want to write one? :-) :-)
Hello,
actually, you can already use the time match from patch-o-matic to do the
way you explain it. It's just that it's a standard match in the sense that
you can use only one target with it, but it's enough if you want to do the way you explain:
- if time match then jump somewhere
- else jump somewhere else...
Have a nice day,
Fabrice.
--
Fabrice MARIE
"Silly hacker, root is for administrators"
-Unknown
