Technical data
8. Documentation for Developers
8.5. Using The Packet Filter
8.5.1. Adding Own Chains And Rules
A set of routines is provided to manipulate the packet filter, i.e. to add or delete so-called “chains”
and “rules”. A chain is a named, ordered list of rules. There is a set of predefined chains
(PREROUTING, INPUT, FORWARD, OUTPUT, POSTROUTING); with these routines further chains
can be created as needed.
add_chain/add_nat_chain <chain>: Adds a chain to the “filter” or “nat” table.
flush_chain/flush_nat_chain <chain>: Deletes all rules from a chain of the “filter” or
“nat” table.
del_chain/del_nat_chain <chain>: Deletes a chain from the “filter” or “nat” table.
A chain must be empty before it is deleted, and all references to it have to be removed
first as well. Such a reference is, for example, a JUMP action that has the chain as its
target.
add_rule/ins_rule/del_rule: Adds a rule to the end of a chain (add_rule) or at an arbitrary
position in a chain (ins_rule), or deletes a rule from a chain (del_rule). The syntax is:
add_rule <table> <chain> <rule> <comment>
ins_rule <table> <chain> <rule> <position> <comment>
del_rule <table> <chain> <rule> <comment>
where the parameters have the following meaning:
table: The table that contains the chain
chain: The chain into which the rule is inserted (or from which it is deleted)
rule: The rule to be inserted or deleted; its format corresponds to the one used in the
configuration file
position: The position at which the rule is inserted, counted from 1 (ins_rule only)
comment: A comment that is shown next to the rule when somebody inspects the packet
filter.
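The following script is an added example and not fli4l's own code. It is a dry-run model of the helpers listed above: each chain is kept as a file of rules under $PF_STATE, and every helper prints the iptables command it would issue instead of running it, so the documented rules can be exercised on any machine: ins_rule inserts at a 1-based position, and del_chain refuses a chain that is not empty or that is still the target of a JUMP (-j) in another chain of the same table. Assumptions: rule text is passed through verbatim (the real helpers translate fli4l's configuration syntax, which is not modelled here), the comment is attached with iptables' comment match, and the names PF_STATE, PF_DRYRUN, pf_exec, pf_init_table and list_rules are hypothetical.

```shell
#!/bin/sh
# Added example (not fli4l's code): dry-run model of add_chain/flush_chain/del_chain
# and add_rule/ins_rule/del_rule. State lives under $PF_STATE, one file per chain,
# one rule per line; commands are printed unless PF_DRYRUN=0.

PF_STATE="${PF_STATE:-$(mktemp -d)}"   # hypothetical: where the model keeps its state
PF_DRYRUN="${PF_DRYRUN:-1}"            # hypothetical: 1 = print, 0 = really call iptables

pf_exec() {  # print the iptables command in dry-run mode, otherwise execute it
    if [ "$PF_DRYRUN" = 1 ]; then echo "iptables $*"; else iptables "$@"; fi
}

pf_init_table() {  # pf_init_table <table>: create the built-in chains of a table once
    t=$1
    [ -d "$PF_STATE/$t" ] && return 0
    mkdir -p "$PF_STATE/$t"
    case $t in
        filter) set -- INPUT FORWARD OUTPUT ;;
        nat)    set -- PREROUTING INPUT OUTPUT POSTROUTING ;;
        *)      set -- ;;
    esac
    for c in "$@"; do : > "$PF_STATE/$t/$c"; done
}

_add_chain() {  # _add_chain <table> <chain>
    pf_init_table "$1"
    [ -e "$PF_STATE/$1/$2" ] && { echo "add_chain: chain $2 exists in $1" >&2; return 1; }
    : > "$PF_STATE/$1/$2"
    pf_exec -t "$1" -N "$2"
}
add_chain()     { _add_chain filter "$1"; }
add_nat_chain() { _add_chain nat "$1"; }

_flush_chain() {  # _flush_chain <table> <chain>: drop every rule of the chain
    pf_init_table "$1"
    [ -e "$PF_STATE/$1/$2" ] || { echo "flush_chain: no chain $2 in $1" >&2; return 1; }
    : > "$PF_STATE/$1/$2"
    pf_exec -t "$1" -F "$2"
}
flush_chain()     { _flush_chain filter "$1"; }
flush_nat_chain() { _flush_chain nat "$1"; }

_del_chain() {  # _del_chain <table> <chain>: only an empty, unreferenced chain may go
    pf_init_table "$1"
    [ -e "$PF_STATE/$1/$2" ] || { echo "del_chain: no chain $2 in $1" >&2; return 1; }
    [ -s "$PF_STATE/$1/$2" ] && { echo "del_chain: chain $2 not empty, flush it first" >&2; return 1; }
    # any "-j <chain>" in another chain of the same table is a JUMP reference
    if grep -qE -- "-j $2( |\$)" "$PF_STATE/$1"/*; then
        echo "del_chain: chain $2 is still referenced" >&2; return 1
    fi
    rm -f "$PF_STATE/$1/$2"
    pf_exec -t "$1" -X "$2"
}
del_chain()     { _del_chain filter "$1"; }
del_nat_chain() { _del_chain nat "$1"; }

add_rule() {  # add_rule <table> <chain> <rule> <comment>: append to the chain
    pf_init_table "$1"
    [ -e "$PF_STATE/$1/$2" ] || { echo "add_rule: no chain $2 in $1" >&2; return 1; }
    printf '%s\n' "$3" >> "$PF_STATE/$1/$2"
    pf_exec -t "$1" -A "$2" $3 -m comment --comment "$4"
}

ins_rule() {  # ins_rule <table> <chain> <rule> <position> <comment>: insert at 1-based position
    pf_init_table "$1"
    f="$PF_STATE/$1/$2"
    [ -e "$f" ] || { echo "ins_rule: no chain $2 in $1" >&2; return 1; }
    n=$(($(wc -l < "$f")))
    if [ "$4" -lt 1 ] || [ "$4" -gt $((n + 1)) ]; then
        echo "ins_rule: position $4 out of range 1..$((n + 1))" >&2; return 1
    fi
    awk -v pos="$4" -v rule="$3" '
        NR == pos { print rule }
        { print }
        END { if (pos == NR + 1) print rule }' "$f" > "$f.tmp" && mv "$f.tmp" "$f"
    pf_exec -t "$1" -I "$2" "$4" $3 -m comment --comment "$5"
}

del_rule() {  # del_rule <table> <chain> <rule> <comment>: delete the first exact match
    pf_init_table "$1"
    f="$PF_STATE/$1/$2"
    [ -e "$f" ] || { echo "del_rule: no chain $2 in $1" >&2; return 1; }
    grep -qxF -- "$3" "$f" || { echo "del_rule: no such rule in $2" >&2; return 1; }
    awk -v rule="$3" '!done && $0 == rule { done = 1; next } { print }' "$f" > "$f.tmp" && mv "$f.tmp" "$f"
    pf_exec -t "$1" -D "$2" $3 -m comment --comment "$4"
}

list_rules() { cat "$PF_STATE/$1/$2"; }  # list_rules <table> <chain>

# Usage: build a private chain, hook it into FORWARD, then tear it down in the
# documented order: remove the reference, flush the chain, delete the chain.
add_chain myapp
add_rule filter myapp "-p tcp --dport 443 -j ACCEPT" "myapp: https"
ins_rule filter myapp "-p icmp -j ACCEPT" 1 "myapp: icmp first"
add_rule filter FORWARD "-j myapp" "hand over to myapp"
del_rule filter FORWARD "-j myapp" "hand over to myapp"
flush_chain myapp
del_chain myapp
```

Run it as-is to see the iptables commands the sequence would produce; swap the last three lines around (delete before flush, or delete while FORWARD still jumps to the chain) and the model refuses with the same reasons the text gives. Rule text is word-split on purpose when handed to pf_exec, so keep rules in the form the configuration file uses and avoid shell metacharacters in them.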
8.5.2. Integrating Into Existing Rules
fli4l configures the packet filter with a certain default rule set. If you want to add your own
rules, you will usually want to insert them after that default rule set. You also need
to know which action the user has chosen for packets that are discarded. For the FORWARD
and INPUT chains this information can be obtained by calling two functions, get_defaults and
get_count. After calling
get_defaults <chain>
the following results are available:
drop: This variable contains the chain to which a packet is branched when it is discarded.