wiki:experiences:igraltist:jail_shorewall
=>  Releases

Current version
Git/Latestdiff: 1.5.6

Latest Snapshots
Produced after each commit or rebase to new upstream version

GIT
RSBAC source code, can be unstable sometimes

=>  Events

No events planned

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revision Previous revision
wiki:experiences:igraltist:jail_shorewall [2008/07/14 04:32]
127.0.0.1 (old revision restored)
wiki:experiences:igraltist:jail_shorewall [2008/07/14 04:36]
127.0.0.1 (old revision restored)
Line 1: Line 1:
-  ​ +<code bash>  ​ 
-  +
-  ; RSBAC JAIL definition for shorewall ​         +; RSBAC JAIL definition for shorewall ​         
-  ; 20080707 +; 20080707 
-  +
-  ; Tested by: +; Tested by: 
-  ; igraltist on gentoo +; igraltist on gentoo 
-  +
-  ""​ +""​ 
-  "​0.0.0.0"​ +"​0.0.0.0"​ 
-  (allow-dev-read +(allow-dev-read 
-   ​allow-dev-write + ​allow-dev-write 
-   ​allow-dev-get-status + ​allow-dev-get-status 
-   ​allow-all-net-family + ​allow-all-net-family 
-   ​allow-inet-raw + ​allow-inet-raw 
-   ​allow-ipc-syslog + ​allow-ipc-syslog 
-   ​allow-ipc-parent) + ​allow-ipc-parent) 
-  (net-admin +(net-admin 
-   ​sys-resource + ​sys-resource 
-   ​setuid + ​setuid 
-   ​setgid + ​setgid 
-   ​net-raw) + ​net-raw) 
-  (firewall) +(firewall) 
-  (firewall +(firewall 
-   ​net-id + ​net-id 
-   ​sysctl + ​sysctl 
-   ​rlimit) + ​rlimit) 
 +</​code>​
  
 add this to the shorewall initscript ​ add this to the shorewall initscript ​
Line 33: Line 33:
  
 or or
- +<code bash> 
-   ​rsbac_jail ​ -d -D -e -n -r -y -C  NET_ADMIN SYS_RESOURCE SETUID SETGID NET_RAW -G  firewall -M  firewall net_id sysctl rlimit /​sbin/​shorewall ​ -f start+rsbac_jail ​ -d -D -e -n -r -y -P -C  NET_ADMIN SYS_RESOURCE SETUID SETGID NET_RAW -G  firewall -M  firewall net_id sysctl rlimit /​sbin/​shorewall ​ -f start 
 +</​code>​
  
  
  
//
wiki/experiences/igraltist/jail_shorewall.txt · Last modified: 2008/07/14 04:36 by 127.0.0.1

wiki/experiences/igraltist/jail_shorewall.txt · Last modified: 2008/07/14 04:36 by 127.0.0.1
This website is kindly hosted by m-privacy