[isf-wifidog] How to configure an ip range in firewallruleset

Mer 17 Jan 20:28:35 EST 2007

I want to apply this iptables rule on each wifi gateway router, to prevent access to the entity's lan, but grant the wifi users access out to the internet, through the entity's internet  router - 1.1.1.254

  John Boushall

John Boushall <stumblingthunder at yahoo.com> wrote:
    I have researched an iptables option and would like to apply it to my global restrictions:

  iptables -A FORWARD -m iprange --dst-range 1.1.1.1-1.1.1.253 -j DROP
                  (GLOBAL?)

  The ip range is fictitious in the example.

  John Boushall

Benoit Grégoire <bock at step.polymtl.ca> wrote:
  On Wednesday 17 January 2007 15:18, Max Horváth wrote:
> You can use the standard iptables command set ...
>
> If you wanna restrict the access to every user of the node, just do
> it on the router directly.
>
> If you wanna restrict the access to a specific user class, add your
> iptables command to the file fw_iptables.c in function
> iptables_load_ruleset() and add the rulesets like that:
> iptables_do_command("-t filter -I " TABLE_WIFIDOG_WIFI_TO_INTERNET "
> 1 -o interface DO WHATEVER");

You can normally do that from the wifidog config file.

-- 
Benoit Grégoire
Technologies Coeus inc.
_______________________________________________
WiFiDog mailing list
WiFiDog at listes.ilesansfil.org
http://listes.ilesansfil.org/cgi-bin/mailman/listinfo/wifidog

---------------------------------
  It's here! Your new message!
Get new email alerts with the free Yahoo! Toolbar._______________________________________________
WiFiDog mailing list
WiFiDog at listes.ilesansfil.org
http://listes.ilesansfil.org/cgi-bin/mailman/listinfo/wifidog

---------------------------------
Be a PS3 game guru.
Get your game face on with the latest PS3 news and previews at Yahoo! Games.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://listes.ilesansfil.org/pipermail/wifidog/attachments/20070117/2978dc0f/attachment.htm