Iceditch file structure: Difference between revisions
(added params.conf) |
m (changed config filename) |
Latest revision as of 08:29, 27 July 2008
Iceditch is quite a simple script, so it has only a few files. In a standard Debian environment, you'll find these files:
/etc/iceditch/rules.conf
This is the "rulefile", which contains your actual firewall rules (in Iceditch IPtables language).
/etc/iceditch/iceditch.conf
This is the "config file", a file that contains all default parameters that Iceditch needs for your firewall, like aliases for your NICs (like Inet=eth0). This is also the place where you would stuff your custom functions, so that you could call them from the rulefile when necessary.
/etc/iceditch/params.conf
This is the optional "parameter file", a file that may contain lists of parameters that you would want to read into your firewall. An example would be a list like:
 IPblocked=192.168.1.14 # don't want any traffic to the switch from here
 IPblocked=216.73.93.8
 IPblocked=127.0.0.2 # Blocked on 2008-07-05 for hacking attempts
/etc/iceditch/backup/.rules.bak,
/etc/iceditch/backup/.config.bak,
/etc/iceditch/backup/.params.bak
These three files may or may not exist; they're backups of the rulefile and parameter file, made by Iceditch itself when you tell it to. They will be the source of the "new" rules and parameters when Iceditch performs a fallback after a safestart, or when you call iceditch restore.
/bin/iceditch
This is the firewall script itself. It's an executable shell script.
/etc/init.d/iceditch
This is only a symlink to the iceditch script itself.
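Since iceditch.conf holds shell functions and /bin/iceditch is itself a shell script, anyone who can write to the files above controls the firewall. The following permission audit of that layout is an added example, not part of Iceditch; the function name `audit_iceditch` and its optional root-prefix argument are assumptions made here so the check can also be run against a test tree.

```shell
#!/bin/sh
# Added example (not Iceditch code): report files from the layout above
# that are group- or world-writable, and verify the init.d symlink.
# $1 is a hypothetical root prefix; empty means the live filesystem.
audit_iceditch() {
    root="${1:-}"
    findings=0
    # Paths as listed on this page; params.conf and the backups are optional.
    for rel in /etc/iceditch /etc/iceditch/rules.conf \
               /etc/iceditch/iceditch.conf /etc/iceditch/params.conf \
               /etc/iceditch/backup /etc/iceditch/backup/.rules.bak \
               /etc/iceditch/backup/.config.bak \
               /etc/iceditch/backup/.params.bak /bin/iceditch; do
        p="$root$rel"
        [ -e "$p" ] || continue
        # -perm -0020 matches group-writable, -perm -0002 world-writable.
        if [ -n "$(find -H "$p" -prune \( -perm -0020 -o -perm -0002 \) -print)" ]; then
            echo "WRITABLE $rel"
            findings=$((findings + 1))
        fi
    done
    # /etc/init.d/iceditch must be a symlink that resolves to /bin/iceditch.
    link="$root/etc/init.d/iceditch"
    if [ -e "$link" ] || [ -L "$link" ]; then
        if [ ! -L "$link" ] ||
           [ "$(readlink -f "$link")" != "$(readlink -f "$root/bin/iceditch")" ]; then
            echo "BADLINK /etc/init.d/iceditch"
            findings=$((findings + 1))
        fi
    fi
    # Exit status 0 only when nothing was reported.
    [ "$findings" -eq 0 ]
}
# Usage: audit_iceditch            (live system)
#        audit_iceditch /tmp/tree  (constructed test tree)
```

The check covers mode bits only; ownership of each file by root still has to be confirmed separately, for example with `ls -l`.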