[maemo-developers] Dynamic iptables firewall NAT IP masquerade shell scripts + dialog - kind request

[From: John Holmblad]

Darius,

it does not appear that the dialog command is included in the version of 
bash (bash2) that can be installed in OS2008. I installed bash2 to see 
if the dialog command is present but it is not as far as I have been 
able to test.

In principle, I do see your point about how the use of the dialog 
command with other shell scripting could be used for iptables config.


Have you done a www search to see what is out there with respect to 
front end scripts for iptables?


Best Regards,

 

John Holmblad

 

Acadia Secure Networks, LLC

* *

*Serving the SmartDigital^TM home, entrepreneurial enterprise, and 
emerging network service provider markets*

* *

*GSEC Gold,  GCWN Gold,  GAWN,  GGSC-0100,  NSA-IAM,  NSA-IEM***

*Cisco Select Certified Partner and SMB Specialist | **Microsoft Small 
Business Specialist | Speakeasy Certified VOIP Partner | Linksys 
Authorized LVS Partner | Qualys Certified Qualysguard Specialist*

* *

(M) 703 407 2278

(F)  703 620 5388

 

(W) www.acadiasecure.com

 

primary email address:  jholmblad at acadiasecure.com 
<mailto:jholmblad at acadiasecure.com>

backup email address:  jholmblad at verizon.net <mailto:jholmblad at verizon.net>



Darius Jack wrote:
> Hi John,
>
> thanks for your kind help.
> Frankly speaking, what I mean is Dialog interface to iptables, bandwidth managment, firewall, NAT ....
> As dialog is fast, not generating overheads to processor and graphics,
> code is open as a shell script.
> I just need 1-2 persons to work out a solution.
> Very simple solution.
> No compilation, no installation, no porting problems.
> Just pls tell me what do you think about it.
> Is Dialog not ok to enter parameters to shell scripts running iptables, firewall, NAT, Masquarade ?
>
> I am just testing one bandwidth management application, but frankly speaking would prefer another shell script based on iptables to set priorities.
>
> Darius
>
> \
> - On Sat, 2/8/08, John Holmblad <jholmblad at acadiasecurenets.com> wrote:
>
>   
>> From: John Holmblad <jholmblad at acadiasecurenets.com>
>> Subject: Re: Dynamic iptables firewall NAT IP masquerade shell scripts + dialog - kind request
>> To: dariusjack2006 at yahoo.ie
>> Cc: maemo-developers at maemo.org
>> Date: Saturday, 2 August, 2008, 10:18 PM
>> Darius,
>>
>> your earlier post led me to research a product called
>> Kmyfirewall which 
>> is a GUI based front end for iptables that is designed for
>> KDE. I asked 
>> the develolper if he knew of anyone attempting to port the
>> front end to 
>> the Internet tabled but he does not know of any such
>> attempt.
>>
>> Here also is the sourceforge www page for the project:
>>
>>
>>     http://sourceforge.net/projects/kmyfirewall
>>
>> If I understand correctly it sounds like you one and
>> perhaps 2 issues to 
>> address:
>>
>> 1. Traffic Shaping for 802.11 clients to a given 802.11 AP
>> on your network.
>>
>> 2. A convenient way to remotely manage your network using
>> the Internet 
>> Tablet as a management terminal (e.g. using SSH, VNC,or
>> RDP, etc.) 
>> communicating with your network through the Internet,
>> itself accessed 
>> from your Internet tablet via Bluetooth/3G, Bluetooth/evdo,
>> or 802.11 to 
>> a public or private 802.11 Access Point (e.g. hot spot).
>>
>>
>>
>> Best Regards,
>>
>>  
>>
>> John Holmblad
>>
>>  
>>
>> Acadia Secure Networks, LLC
>>
>> * *
>>
>> *Serving the SmartDigital^TM home, entrepreneurial
>> enterprise, and 
>> emerging network service provider markets*
>>
>> * *
>>
>> *GSEC Gold,  GCWN Gold,  GAWN,  GGSC-0100,  NSA-IAM, 
>> NSA-IEM***
>>
>> *Cisco Select Certified Partner and SMB Specialist |
>> **Microsoft Small 
>> Business Specialist | Speakeasy Certified VOIP Partner |
>> Linksys 
>> Authorized LVS Partner | Qualys Certified Qualysguard
>> Specialist*
>>
>> * *
>>
>> (M) 703 407 2278
>>
>> (F)  703 620 5388
>>
>>  
>>
>> (W) www.acadiasecure.com
>>
>>  
>>
>> primary email address:  jholmblad at acadiasecure.com 
>> <mailto:jholmblad at acadiasecure.com>
>>
>> backup email address:  jholmblad at verizon.net
>> <mailto:jholmblad at verizon.net>
>>
>>
>>
>> Darius Jack wrote:
>>     
>>> Hi John and others,
>>>
>>> spent last days learning how to manage bandwidth in my
>>>       
>> router + server.
>>     
>>> What I need is dynamic bandwidth management.
>>>
>>> To have 3 classes of wifi users.
>>> class 1 - superuser - full bandwidth access
>>> class 2 - users identified by MAC address
>>> class 3 - anonymous users (no MAC address entered)
>>>
>>> What I get with iptables, wshaper is wan/lan bandwidth
>>>       
>> management.
>>     
>>> What I need is wlan bandwidth management by users no.
>>>       
>> , by application, by time of day, date and the like.
>>     
>>> Remotely assigning wifi access without the need to
>>>       
>> rebot server each time.
>>     
>>> Ok.
>>> I can run iptables from command line anyway.
>>>
>>> But need a nice tool with basic graphical interface
>>>       
>> (dialog is ok)
>>     
>>> and append and remove/ delete MAC address, to generate
>>>       
>> iptables rules, when run as a shell script .
>>     
>>> Another issue is
>>> I need my router + server to access wifi Internet as a
>>>       
>> client
>>     
>>> and share the same access to wifi clients as a server,
>>> with bandwidth management on.
>>>
>>> Please refer me to some nice places with shell script
>>>       
>> solutions.
>>     
>>> thanks
>>>
>>> Darius
>>>
>>>
>>> --- On Fri, 25/7/08, John Holmblad
>>>       
>> <jholmblad at acadiasecurenets.com> wrote:
>>     
>>>   
>>>       
>>>> From: John Holmblad
>>>>         
>> <jholmblad at acadiasecurenets.com>
>>     
>>>> Subject: Re: Dynamic iptables firewall NAT IP
>>>>         
>> masquerade shell scripts + dialog - kind request
>>     
>>>> To: dariusjack2006 at yahoo.ie
>>>> Cc: maemo-developers at maemo.org
>>>> Date: Friday, 25 July, 2008, 5:13 PM
>>>> Darius,
>>>>
>>>> would a VNC client on your 770 be a solution to
>>>>         
>> manage your
>>     
>>>> systems? If 
>>>> not,why not?
>>>>
>>>> Alternatively you install a linux virtual machine
>>>>         
>> on one of
>>     
>>>> your systems 
>>>> and VNC into it from your 770 and then use that
>>>>         
>> linux VM to
>>     
>>>> control the 
>>>> servers in your server "farm".
>>>>
>>>>
>>>> Best Regards,
>>>>
>>>>  
>>>>
>>>> John Holmblad
>>>>
>>>>  
>>>>
>>>> Acadia Secure Networks, LLC
>>>>
>>>> * *
>>>>
>>>>
>>>>
>>>> Darius Jack wrote:
>>>>     
>>>>         
>>>>> Hi,
>>>>>
>>>>> I am trying to restrict maemo wifi access to
>>>>>           
>> Internet
>>     
>>>>>       
>>>>>           
>>>> on-the-fly
>>>>     
>>>>         
>>>>> and have one with admin's access ssh
>>>>> and have some preloaded shell scripts running
>>>>>           
>> on a
>>     
>>>>>       
>>>>>           
>>>> server
>>>>     
>>>>         
>>>>> and the ability to edit shell scripts locally
>>>>>           
>> on maemo
>>     
>>>>> and sent to server to be run
>>>>> to avoid on-line shell script editing while
>>>>>           
>> wifi
>>     
>>>>>       
>>>>>           
>>>> network is suddenly off.
>>>>     
>>>>         
>>>>> Ok. In plain words.
>>>>> I need OS2007HE (or OS2008) running 770
>>>>> to act as a remote console for a number of
>>>>>           
>> servers and
>>     
>>>>>       
>>>>>           
>>>> APs
>>>>     
>>>>         
>>>>> and to control some servers + AP remotely
>>>>> get traffic load data and more.
>>>>> Not necessary VNC .
>>>>> Going abroad I would like to still have a
>>>>>           
>> control of a
>>     
>>>>>       
>>>>>           
>>>> server and AP,
>>>>     
>>>>         
>>>>> remote rebooting, remote ports closing, add/
>>>>>           
>> remove
>>     
>>>>>       
>>>>>           
>>>> MAC addresses
>>>>     
>>>>         
>>>>> and the like.
>>>>>
>>>>> So maemo as mobile Linux console.
>>>>> Any ideas, links to some scripting, dynamic
>>>>>           
>> iptables,
>>     
>>>>>       
>>>>>           
>>>> firewall, NAT, masquerade
>>>>     
>>>>         
>>>>> thanks
>>>>>
>>>>> Darius
>>>>>
>>>>>
>>>>> Send instant messages to your online friends
>>>>>       
>>>>>           
>>>> http://uk.messenger.yahoo.com 
>>>>     
>>>>         
>> _______________________________________________
>>     
>>>>> maemo-developers mailing list
>>>>> maemo-developers at maemo.org
>>>>>
>>>>>       
>>>>>           
>> https://lists.maemo.org/mailman/listinfo/maemo-developers
>>     
>>>>     
>>>>         
>>>>>       
>>>>>           
>>> Send instant messages to your online friends
>>>       
>> http://uk.messenger.yahoo.com 
>>     
>>>
>>>       
>
> Send instant messages to your online friends http://uk.messenger.yahoo.com 
>
>
>