NAME

VUser::Firewall::iptables - vuser extension for modifying iptables

DESCRIPTION

Writes a script containing the given iptables rules. The script is only written, not run, unless the firewall|reload action is given or Extension Firewall:auto reload is set.

CONFIGURATION

# Adds Firewall::iptables to the list of extensions vuser uses.
[vuser]
extensions = Firewall::iptables

# Settings for the extension as a whole (this section name carries no
# per-firewall suffix).
[Extension Firewall::iptables]
# Update multiple hosts in parallel.
fork = yes

# The default chain to work on.
default chain = FIREWALL

# Settings for one firewall. The "-firewall1" suffix presumably names the
# individual firewall, one section per firewall -- confirm against the
# extension's code.
[Extension Firewall::iptables-firewall1]
# Whether to skip this firewall ("no" here, so it is not skipped).
skip = no

# The path to the script to write.
# In this example it is the same path as 'restart' below, so whatever is
# written here is what gets executed on reload. Keep the file and its
# directory writable only by the account named in 'user'.
file = /etc/rc.d/rc.firewall

# IP (or hostname) of the firewall to update. Comment out to modify
# a local firewall.
host = 192.168.1.1

# SSH user to connect as. This user must also have permissions to write
# the firewall script ('file' above) on the firewall.
# NOTE(review): root satisfies both requirements but grants much more than
# that. If the target host allows it, a dedicated account limited to writing
# 'file' and running 'restart' reduces the impact of a leaked key.
user = root

# The user's private ssh key. The public key must be added to the user's
# .ssh/authorized_keys file.
# Keep the private key readable only by the account that runs vuser; anyone
# who can read it can log in to the firewall as 'user'. On the firewall, the
# authorized_keys entry can be limited to the vuser host with a from="..."
# option.
# The example filename suggests a DSA key; current OpenSSH releases disable
# DSA keys by default, so an Ed25519 or RSA key is the safer choice.
ssh key = /path/to/private_id.dsa

# Restart command. The user specified above must have permission to run
# this command.
restart = /etc/rc.d/rc.firewall

AUTHOR

Randy Smith <perlstalker@vuser.org>

LICENSE

This file is part of vuser.

vuser is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation; either version 2 of the License, or
(at your option) any later version.

vuser is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
GNU General Public License for more details.

You should have received a copy of the GNU General Public License
along with vuser; if not, write to the Free Software
Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA