Iceditch Command Reference

From SaruWiki
Revision as of 11:29, 29 June 2008 by Saruman! (talk | contribs) (first command defined)
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to navigation Jump to search

accept [log [msg <message>]] <qualifiers>

If a network packet matches the qualifiers, then it will be accepted (passed) through the table/chain defined in the context where you put the accept rule. Example: 

 function input_filter {

context "INPUT" "filter" accept –p tcp --dport 22 

 }

Iceditch works this out to 

 iptables –t filter –A INPUT –p tcp –-dport 22 –-jump ACCEPT

Should you want to log the packet, you’d use 

 accept log msg Secure_Shell –p tcp --dport 22

Iceditch works this out to 

 iptables –t filter –A INPUT –p tcp –-dport 22 \
   –-jump LOG --log-prefix Secure_Shell 
 iptables –t filter –A INPUT –p tcp –-dport 22 –-jump ACCEPT

You can easily see that “accept log msg Secure_Shell –p tcp --dport 22” is much more readable... Because of how IPtables handles the ACCEPT target, you can only use it in contexts where the table is “filter”.

Retrieved from "https://www.saruman.biz/saruwiki/index.php?title=Iceditch_Command_Reference&oldid=1534"