temporary IP addition to firewall rules

Tim ignored_mailbox at yahoo.com.au
Mon Feb 5 04:04:34 UTC 2007


On Sat, 2007-02-03 at 20:26 -0600,  wrote:
> Noah wrote:
> > Does anybody have a recommendation for a program out there that would
> > allow somebody to enter an account and password on my website, their
> > IP address is cached, and the cached IP address is added temporarily
> > to the firewall ruleset to be allowed. 

Nathaniel Hall:
> I have actually considered doing almost exactly the same thing.  What I
> was planning on doing was writing a php page that the user would log in
> with.  When they do, then php would run a system command using their IP
> to add a netfilter (iptables) firewall rule.  There would then be a cron
> job that runs daily to restart the firewall, thus the added rules would
> be removed.

Surely a the last thing isn't required?  You can add and remove rules to
the firewall, and it doesn't need restarting for them to take affect.





More information about the fedora-list mailing list