[chuug] Firewall script
David Clymer
david at zettazebra.com
Fri Nov 3 20:43:51 EST 2006
A (hopefully) more practical self referencing script is one that I wrote
today.
I was sick of my slow firewall script comprised of tons of iptables
invocations, so I decided to switch to using iptables-restore to load my
rules. The catch was that if I did that, I could no longer use shell
variables to improve readability and facilitate management of my rules.
So I wrote the attached script to make this possible. The drawback is
that I can't use parens, quotes, and such like in logging rules without
escaping them. For example, I've got to do the following:
-A INPUT -d 192.168.11.1 --jump LOG --log-prefix \"A packet. \(commentary, blah blah\): \"
That's ok, I guess, but it's kind of annoying. Is there any other way I
could allow the use of variables in rule definitions, or is this the best I
can do? Simpler is better, of course.
-davidc
--
gpg-key: http://www.zettazebra.com/files/key.gpg
-------------- next part --------------
A non-text attachment was scrubbed...
Name: fw
Type: application/x-shellscript
Size: 1275 bytes
Desc: not available
Url : http://listmgr.cv.nrao.edu/pipermail/chuug/attachments/20061103/0d9e5e6c/attachment.bin
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
Url : http://listmgr.cv.nrao.edu/pipermail/chuug/attachments/20061103/0d9e5e6c/attachment-0001.bin
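One way to keep shell variables in iptables-restore input without escaping quotes or parentheses, given here as an added example (it is not the scrubbed fw attachment and not the author's code): an unquoted here-document expands variables but leaves quotes and parentheses untouched. The variable and function names, the LAN range and the port are assumptions, and the log prefix is a constructed one kept within the 29-character limit of --log-prefix.

```shell
#!/bin/sh
# Added example: build iptables-restore input from shell variables.
# Variable names, the LAN range and the port are assumptions.
FW_ADDR="192.168.11.1"      # destination address used in the post
LAN_NET="192.168.11.0/24"   # assumed LAN range
SSH_PORT="22"               # assumed admin port

# Print the ruleset on stdout. Inside an unquoted here-document the shell
# expands $VAR but does no quote removal, so " ' ( ) reach iptables-restore
# exactly as typed. The subshell body with 'set -u' makes a misspelled or
# unset variable abort the rendering instead of producing a rule with a hole.
render_rules() (
    set -u
    cat <<EOF
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -i lo -j ACCEPT
-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
-A INPUT -s $LAN_NET -d $FW_ADDR -p tcp --dport $SSH_PORT -j ACCEPT
-A INPUT -d $FW_ADDR --jump LOG --log-prefix "DROP (input, unmatched): "
COMMIT
EOF
)

# Render to a temp file, let iptables-restore parse it without committing
# (--test), and replace the live ruleset only if both steps succeed.
load_rules() {
    tmp=$(mktemp) || return 1
    render_rules > "$tmp" \
        && iptables-restore --test < "$tmp" \
        && iptables-restore < "$tmp"
    status=$?
    rm -f "$tmp"
    return "$status"
}

# "print" shows the rendered rules; "load" applies them (needs root).
case "${1:-}" in
    print) render_rules ;;
    load)  load_rules ;;
esac
```

A literal `$`, backquote or backslash in a rule still needs a backslash in front of it, since those three stay special inside the here-document.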