Iptables and Connection Limits

Create connection limits for any users with a very basic script in the firewall area, as shown below:

> iptables -I FORWARD -p tcp --syn -m iprange --src-range 10.212.1.100-10.212.3.200 -m connlimit --connlimit-above 60 -j DROP
> iptables -I FORWARD -p tcp --syn -m iprange --src-range 10.…

Auto provision clients in ZeroShell

There are hundreds of bash scripts in that folder. They automate many operations, such as adding new firewall rules and QoS rules, managing network interfaces, etc. For example, run the following to add a new static DHCP entry:

> /root/kerbynet.cgi/scripts/dhcp_addstatic 00 192.168.10.10 AA:BB:CC:…

Cisco PIX Firewall Basics

Cisco PIX Firewall Basics [http://www.netcraftsmen.net/resources/archived-articles/369-cisco-pix-firewall-basics.html]

Introduction

The online reference materials for configuring Cisco PIX Firewall Version 6.1 can be found at: http://www.cisco.com/univercd/cc/td/doc/product/iaabu/pix/pix_61/index.htm . I recommend you look there for…

Iptables and Cisco

Some basic rules to allow Cisco VPN clients through firewalls:

> iptables -A FORWARD -i $INSIDE_IF -o $OUTSIDE_IF -p 50 \
>     -s $INSIDE_NET -d $VPN_GW -j ACCEPT
> iptables -A FORWARD -i $INSIDE_IF -o $OUTSIDE_IF -p udp \
>     -s $INSIDE_NET -d $VPN_GW --dport 500 -j ACCEPT
> …