Hi, IP tables get run from a shell one way or another and most shell's allow you to define variables (and it is the shell, not ip tables that will do the variable replacement. I normally setup my firewall scripts in a bash script. You could do something like this: #!/bin/sh NETWORK="192.168.1.0/24" GATEWAY="192.168.1.1" ROUTER="23.4.56.32" SECURENET="23.4.56.48/28" iptables -A input -s $NETWORK -d $SECURENET -j ACCEPT All the stuff above is fake (and pretty meaningless) but you can use something like that to make your scripts more readable and easily to modify. Sheer On Thu, 6 Jun 2002, Sergio Alves de Lima Jr. wrote: > > Hello, > > is possible definied variable in iptables rule, example: > > $user="blueuser"; > > iptables -A input -s $user -d 0/0 -j ACCEPT > > Atenciosamente, > > =================================== > Sergio A Lima Junior > Depto. de Suporte > GrupoNet Tecnologia > sergio@gruponet.com.br > http://www.gruponet.com.br > =================================== > ------------------------------------------------------------------------ > To unsubscribe email security-discuss-request@linuxsecurity.com > with "unsubscribe" in the subject of the message. > > ------------------------------------------------------------------------ To unsubscribe email security-discuss-request@linuxsecurity.com with "unsubscribe" in the subject of the message.
