New user's registration have been closed due to high spamming and low trafic on this forum. Please contact forum admins directly if you need an account. Thanks !

Iptables restore scheduled?

Got problems with your B2 or B3? Share and get helped!
Gordon
Posts: 1461
Joined: 10 Aug 2011, 03:18

Re: Iptables restore scheduled?

Post by Gordon »

That is clever indeed, even though probably not many people will have this type of NAT rules in place.

But there also appears to be a bit of an oversight here. As you found out, it does not take into account that there may be dynamic (unsaved) rules in place that get deleted this way. It would also rewrite rules that have a different target than the old eth0 address.

I think you could improve the script by adding some additional tests that verify that $new_* is in fact different from $old_* AND that DNAT rules do exist for the $old_ip_address. If none of this is true, there's no sense in reloading the firewall rules anyway. I'd suggest if your provider has assigned a fixed IP, that you just delete this script (or remove the executable flag).
Eek
Posts: 372
Joined: 23 Dec 2007, 03:03
Location: the Netherlands

Re: Iptables restore scheduled?

Post by Eek »

That's a good idea.
For now i just saved my iptables as firewall.conf :lol:
When I have time I'll make the script smart and submit it to excito for a future update.
cheers
Eek
Post Reply