Installation manual

Cyclades-TS

Appendix A - Linux

Installation Manual

The Cyclades-TS uses the Linux utility ipchains to filter IP packets entering, leaving and passing through its

interfaces. An ipchains tutorial is beyond the scope of this manual. For more information on ipchains, see the

ipchains man page (not included with the Cyclades-TS) or the howto: http://netfilter.filewatcher.org/ipchains/

HOWTO.html.

The syntax of the ipchains command is:

ipchains -

command

chain

[-s

source

] [-d

destination

] [-p

protocol

] [-j

target

] [-i

interface

]

where command is one of the following:

A - Add a condition or rule to the end of the chain. Note that the order in which a condition appears in a chain

can modify its application and the first rule added to a chain is processed first, etc.

D - Delete a condition from the chain. The condition must match exactly with the command’s arguments to be

deleted.

R- Replace a condition in the chain.

I - Insert a condition in a specified location in the chain.

L - List all conditions in the chain.

F - Flush (remove) all conditions in the chain.

N - Create a new chain.

X - Deletes a user-created chain

P - Policy applied for default handling

chain is one of the following:

input - filters incoming packets

output - filters outgoing packets

forward - filters packets which are not created by the Cyclades-TS and are not destined to the Cyclades-TS

user_created_chain

- a previously defined (or in the process of being defined) chain created using the N

command described above.

The output chain controls which packets are sent. A packet can be accepted by the input chain, but then rejected

by the output chain. Likewise, the forward chain controls which packets will be routed. The input chain controls