[Firehol-support] Rule insertion order in firehol.conf

Carlos Rodrigues carlos.efr at mail.telepac.pt
Sat Nov 25 13:37:01 CET 2006


Hi,

I was wondering, if I have something like this on my firehol.conf file...

   mac "${some_ip_address}" "${some_mac_address}"

   iptables -N custom_chain
   iptables -A FORWARD -i ${some_interface} -j custom_chain

   snat to "${my_address}" outface "${some_interface}" src
"${internal_addresses}"

   [interface rules]
   [router rules]

...is the ordering maintained when the rules are inserted by FireHOL?

I noticed that it seems to be right now, which makes sense, since the
configuration file is basically a shell script. There is a WRONGMAC
rule first, then the jump to "custom_chain", then the other rules. But
I wanted to know if I can rely on this, i.e. if this is by design or
if it can change in future versions of FireHOL.

Thanks in advance,

-- 
Carlos Rodrigues




More information about the Firehol-support mailing list