Iceditch file structure: Difference between revisions

From SaruWiki
(First filestructure setup)
 
m (changed config filename)
 
(2 intermediate revisions by the same user not shown)
Line 1: Line 1:
Iceditch is quite a simple script, so it has only a few files. In a standard Debian environment, you'll find these files:
Iceditch is quite a simple script, so it has only a few files. In a standard Debian environment, you'll find these files:


'''/etc/iceditch/rules.conf'''
'''/etc/iceditch/rules.conf'''<br>
This is the "rulefile", that contains your actual firewall rules (in [[Iceditch IPtables language]]).
This is the "rulefile", that contains your actual firewall rules (in [[Iceditch IPtables language]]).


'''/etc/iceditch/.rules.bak'''
'''/etc/iceditch/iceditch.conf'''<br>
This file may or may not exist; it's a backup of the rulefile, made by Iceditch itself when you told it to.
This is the "config file", a file that contains all default parameters that Iceditch needs for your firewall, like aliases for your NICs (like ''Inet=eth0''). This is also the place where you would stuff your custom functions, so that you could call them from the rulefile when necessary.


'''/etc/iceditch/params.conf'''
'''/etc/iceditch/params.conf'''<br>
This is the "parameter file", a file that contains all parameters that Iceditch needs for your firewall. This is also the place where you would stuff your custom functions, so that you could call them from the rulefile when necessary.
This is the optional "parameter file", a file that may contain lists of parameters that you would want to read into your firewall. An example would be a list like
IPblocked=192.168.1.14 # don't want any traffic to the switch from here
IPblocked=216.73.93.8
IPblocked=127.0.0.2    # Blocked on 2008-07-05 for hacking attempts


'''/bin/iceditch'''
'''/etc/iceditch/backup/.rules.bak''',<br>
'''/etc/iceditch/backup/.config.bak''',<br>
'''/etc/iceditch/backup/.params.bak'''<br>
These three files may or may not exist; they're backups of the rulefile and parameter file, made by Iceditch itself when you told it to. These will be the source of the "new" rules and parameters, when Iceditch performs a fallback after a [[Iceditch functionality | safestart]], or when you call [[Iceditch functionality | ''iceditch restore'']].
 
'''/bin/iceditch'''<br>
This is the firewall script itself. It's an executable shellscript.
This is the firewall script itself. It's an executable shellscript.


'''/etc/init.d/iceditch'''
'''/etc/init.d/iceditch'''<br>
This is only a symlink to the iceditch script itself.
This is only a symlink to the iceditch script itself.
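Review bot: the new paragraph for the three backup files still describes them as "backups of the rulefile and parameter file", although this revision lists /etc/iceditch/backup/.config.bak alongside .rules.bak and .params.bak. Name the config file in that sentence as well, so readers know that a fallback or ''iceditch restore'' also replaces iceditch.conf, which is where the custom functions now live.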

Latest revision as of 08:29, 27 July 2008

Iceditch is quite a simple script, so it has only a few files. In a standard Debian environment, you'll find these files:

/etc/iceditch/rules.conf
This is the "rulefile", which contains your actual firewall rules (in Iceditch IPtables language).

/etc/iceditch/iceditch.conf
This is the "config file", a file that contains all default parameters that Iceditch needs for your firewall, like aliases for your NICs (like Inet=eth0). This is also the place where you would stuff your custom functions, so that you could call them from the rulefile when necessary.

/etc/iceditch/params.conf
This is the optional "parameter file", a file that may contain lists of parameters that you would want to read into your firewall. An example would be a list like:

IPblocked=192.168.1.14 # don't want any traffic to the switch from here
IPblocked=216.73.93.8
IPblocked=127.0.0.2    # Blocked on 2008-07-05 for hacking attempts

/etc/iceditch/backup/.rules.bak,
/etc/iceditch/backup/.config.bak,
/etc/iceditch/backup/.params.bak
These three files may or may not exist; they're backups of the rulefile and parameter file, made by Iceditch itself when you tell it to. These will be the source of the "new" rules and parameters when Iceditch performs a fallback after a safestart, or when you call iceditch restore.

/bin/iceditch
This is the firewall script itself. It's an executable shell script.

/etc/init.d/iceditch
This is only a symlink to the iceditch script itself.
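
An audit of the layout listed above, as an added example that is not part of Iceditch or of this wiki page. It assumes the firewall script runs as root and reads these files, so anything it reads (including the backup files used for a restore) should not be writable by group or others; `audit_iceditch`, `loose`, `note` and the root-prefix argument are hypothetical names.

```shell
#!/bin/sh
# Added example: audit the Iceditch file layout listed on this page.
# ROOT is a hypothetical prefix ("" means the live system) so the audit can
# also be run against a constructed tree.

# True if $1 (following symlinks) is writable by group or others.
loose() {
    [ -n "$(find -L "$1" -prune \( -perm -020 -o -perm -002 \) 2>/dev/null)" ]
}

note() { echo "FINDING: $*"; findings=$((findings + 1)); }

audit_iceditch() {
    root=${1:-}
    conf="$root/etc/iceditch"
    script="$root/bin/iceditch"
    init="$root/etc/init.d/iceditch"
    findings=0

    # The rulefile and the config file are expected; params.conf is optional.
    for f in "$conf/rules.conf" "$conf/iceditch.conf"; do
        [ -f "$f" ] || note "missing $f"
    done

    # Everything the script reads, the restore sources, and their directories.
    for f in "$conf" "$conf/backup" "$conf/rules.conf" "$conf/iceditch.conf" \
             "$conf/params.conf" "$conf/backup/.rules.bak" \
             "$conf/backup/.config.bak" "$conf/backup/.params.bak" "$script"; do
        [ -e "$f" ] || continue
        if loose "$f"; then note "$f is group- or world-writable"; fi
    done

    [ -x "$script" ] || note "$script is missing or not executable"

    # The init script should be a symlink that resolves to the script itself.
    if [ ! -L "$init" ]; then
        note "$init is not a symlink"
    elif [ "$(readlink -f "$init")" != "$(readlink -f "$script")" ]; then
        note "$init does not resolve to $script"
    fi

    echo "$findings finding(s) under ${root:-/}"
    [ "$findings" -eq 0 ]
}
```

Call `audit_iceditch` with no argument to check the live system; it returns non-zero when there is at least one finding.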