wiki:experiences:igraltist:jail_shorewall
=>  Releases

Current version
Git/Latestdiff: 1.5.6

Latest Snapshots
Produced after each commit or rebase to new upstream version

GIT
RSBAC source code, can be unstable sometimes

=>  Events

No events planned

This is an old revision of the document!


;
; RSBAC JAIL definition for shorewall         
; 20080707
;
; Tested by:
; igraltist on gentoo
;
""
"0.0.0.0"
(allow-dev-read
 allow-dev-write
 allow-dev-get-status
 allow-all-net-family
 allow-inet-raw
 allow-ipc-syslog)
(net-admin
 sys-resource
 setuid
 setgid
 net-raw)
(firewall)
(firewall
 net-id
 sysctl
 rlimit)

add this to the shorewall initscript

 run-jail shorewall /sbin/shorewall  -f start

or

 rsbac_jail  -d -D -e -n -r -y -C  NET_ADMIN SYS_RESOURCE SETUID SETGID NET_RAW -G  firewall -M  firewall net_id sysctl rlimit /sbin/shorewall  -f start
//
wiki/experiences/igraltist/jail_shorewall.1215994700.txt.gz · Last modified: 2008/07/14 02:18 by 127.0.0.1

wiki/experiences/igraltist/jail_shorewall.1215994700.txt.gz · Last modified: 2008/07/14 02:18 by 127.0.0.1
This website is kindly hosted by m-privacy