[Firehol-support] Aliased external interface
costa at tsaousis.gr
Fri Dec 3 20:12:13 GMT 2004
To have the FireHOL rules in separate files, and process them as if there
was one big file, just use the BASH "source" function. For example:
In general, you can do whatever BASH allows, including loops, execute
other programs, make decisions with BASH conditional statements (if...
then... else... fi), etc. You can even connect to a database to get the
One important thing to know however, is that FireHOL needs to process all
the helpers first and then the interface/router blocks. This means you
cannot have helpers and firewall rules in all files, except the first. All
the others will have to have only interface/router blocks. (Now that I
realize it, this is a stupid rule - added to my to-do list to remove this
On the other hand, FireHOL is not able (yet) to build a firewall in
multiple runs. For example, you *cannot* do:
root@host # firehol /etc/firehol/firehol-external.conf
root@host # firehol /etc/firehol/firehol-internal.conf
root@host # firehol /etc/firehol/firehol-dmz.conf
to build the firewall in multiple runs of FireHOL. (This would be fun
however - added to my to-do list also).
> Is it possible to break up the configuration file into multiple files?
> My list of rules is getting extensive, particularly since I'm configuring
> multiple external IP's. I'd like to split the file into a ruleset for
> each IP/interface, with master file to pull them together.
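Added example, not part of the original message and not FireHOL's own code: the reply suggests pulling per-interface files into one configuration with BASH "source", and because the configuration is executed as root, every sourced file is root-run shell code. The sketch below loops over a directory of fragments and refuses any file that is a symlink, is not owned by the invoking user, or is group/world-writable. The function names and the /etc/firehol/interfaces.d path are hypothetical.

```shell
#!/bin/bash
# Added example: function names and directory layout are assumptions.

# Succeed only if the fragment is a regular file (not a symlink), owned by
# the user running FireHOL (root in practice), and not group/world-writable.
fragment_is_trusted() {
    local f=$1
    [ -f "$f" ] && [ ! -L "$f" ] && [ -O "$f" ] || return 1
    # find prints the path only if a group- or world-write bit is set
    [ -z "$(find "$f" -prune \( -perm -020 -o -perm -002 \) -print)" ]
}

# Source every *.conf in a directory, in glob (sorted) order.
# Stops at the first untrusted fragment, so a ruleset is never silently
# built from whatever files happen to remain.
source_fragments() {
    local dir=$1 f
    for f in "$dir"/*.conf; do
        # skip the unexpanded pattern when the directory has no matches
        [ -e "$f" ] || [ -L "$f" ] || continue
        if ! fragment_is_trusted "$f"; then
            echo "refusing to source $f: bad type, owner or permissions" >&2
            return 1
        fi
        # '.' is the POSIX spelling of BASH's "source"
        . "$f" || return 1
    done
}

# Usage inside the file FireHOL is started with (assumed layout):
#   helpers stay in this first file, as the reply requires, then
#   source_fragments /etc/firehol/interfaces.d || exit 1
```

Numeric prefixes on the fragment names (10-external.conf, 20-internal.conf) keep the processing order explicit, since the glob expands in sorted order.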