Module iptables

iptables.

This module configures iptables rules on a host. Warning: the FORWARD chain is unsupported.

Functions

append(table, chain, source, destination, protocol, target, options, in, out, ipv6, ipv4)
Add iptables rules.

Promiser:

    tag

Parameters:

  • table packet matching table [DEFAULT: filter]
  • chain [DEFAULT: INPUT]
  • source source specification. Default network mask is /32.
  • destination destination specification. Default network mask is /32.
  • protocol protocol the rule matches
  • target target of the rule
  • options space-delimited string passed to iptables as extra options
  • in incoming interface the rule matches on
  • out outgoing interface the rule matches on
  • ipv6 Use ip6tables
  • ipv4 Use iptables [DEFAULT: "yes", true]

Usage:

    iptables.append("comment"){
           table = "filter",
           chain = "input",
          target = "accept",
          source = "6.6.6.6",
        protocol = "tcp",
         options = "-m tcp --sport 31337 --dport 31337"
    }

disable(NONE)
Disable iptables. Flush, zero out counters and remove user-defined chains.

Promiser:

    tag

Parameters:

  • NONE

Usage:

    iptables.disable("comment")()

default(host, source, ssh)
Default deny but allow incoming connections to port 22.

Promiser:

    tag

Note:

    IPv4 only at the moment.

Parameters:

  • host IP of the local host [DEFAULT: 0.0.0.0]
  • source IP of host to whitelist [DEFAULT: 0.0.0.0]
  • ssh SSH port [DEFAULT: 22]

Usage:

    iptables.default("comment")()
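
An added check, not part of the module or its documentation: a shell function that reads `iptables-save` output and verifies what `default` promises (default deny on INPUT, SSH allowed), and flags an SSH rule that any source can reach. The function name, the sample rule sets, and the idea that default deny shows up as an INPUT policy of DROP or a catch-all DROP/REJECT rule are assumptions of this example.

```shell
# Added example: audit `iptables-save` text (stdin) for the filter table INPUT chain.
# $1 = SSH port, default 22 as in the module. Prints findings, or "ok".
# Assumption: default deny appears as policy DROP or a catch-all DROP/REJECT rule.
audit_input() {
    awk -v port="${1:-22}" '
        /^\*/        { in_filter = ($0 == "*filter") }
        !in_filter   { next }
        /^:INPUT /   { policy = $2 }
        /^-A INPUT / {
            if ($0 ~ /^-A INPUT -j (DROP|REJECT)/) catchall = 1
            if ($0 ~ ("--dport " port "( |$)") && $0 ~ /-j ACCEPT/) {
                ssh = 1
                # iptables-save omits -s when the rule matches any source
                if ($0 !~ / -s / || $0 ~ / -s 0\.0\.0\.0\/0 /) open = 1
            }
        }
        END {
            if (policy != "DROP" && !catchall) { print "INPUT is not default deny"; bad = 1 }
            if (!ssh) { print "no ACCEPT rule for SSH port " port; bad = 1 }
            if (open) { print "SSH port " port " is reachable from any source"; bad = 1 }
            if (!bad) print "ok"
        }'
}

# Constructed sample: policy DROP, SSH limited to one admin host (documentation address).
SAMPLE_LOCKED='*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -i lo -j ACCEPT
-A INPUT -s 198.51.100.7/32 -p tcp -m tcp --dport 22 -j ACCEPT
COMMIT'

# Constructed sample: chain policy left at ACCEPT, SSH open to any source.
SAMPLE_OPEN='*filter
:INPUT ACCEPT [0:0]
-A INPUT -p tcp -m tcp --dport 22 -j ACCEPT
COMMIT'

printf '%s\n' "$SAMPLE_LOCKED" | audit_input 22
printf '%s\n' "$SAMPLE_OPEN" | audit_input 22
```

On a live host the input would come from `iptables-save` run as root. The check does not consider rule order, so a catch-all DROP placed before the SSH rule still passes.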

generated by LDoc 1.4.6 Last updated 2017-05-09 15:50:38