• Ryan Jackson's avatar
    Initial client code and rules for Linux firewalls · 2690be45
    Ryan Jackson authored
    Made the following changes to the clientside code to support Linux
    - Made os_fwconfig_line() actually do something.
    - getfwconfig() adds an 'IPS' hash to the fwinfo hash.  This contains
      the IP address for each host, much like how the 'MACS' hash contains
      the MAC address for each host.  This is needed because ebtables (which
      is needed for ARP proxying) doesn't resolve hostnames.
    Rules are stored in firewall/iptables-fw-rules.  Syntax is similar to
    fw-rules, but without the rule number (since iptables doesn't use rule
    numbers).  These should be equivalent to our ipfw-based rules, but I
    haven't tested every case yet to confirm this.  I'm sure some changes
    will be necessary.
genconfig-iptables.pl 3.11 KB