This looks very possible.
I think it would probably be best to leave the functionality of ZeroShell pretty much as it is; as such, we would just add a chain that gets processed after any rules added via the ZS firewall manager, for VSERVERS. That way, you can still do administration and override vserver rules if desired.
I will also make some of the requirements you’ve listed optional via a config section at the top of the script (i.e. chain POLICY); that way this script would be more reusable by the community.
I would want to discuss some of the specifics with you, i.e. I don’t have the problem you do with having to create rules for return traffic, but with the possibility to vary iptables rules so much, that could be just a rules difference.
I want the output of this command on your current live box.
echo FILTER; iptables -L -v -t filter; echo NAT; iptables -L -v -t nat; echo MANGLE; iptables -L -v -t mangle;
You can PM this to me if you’d like.
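An added sketch of the layout proposed in the reply above, not the poster's script and not ZeroShell code: a config section at the top, a dedicated chain for virtual servers, and a jump appended to the end of FORWARD. It only prints the iptables commands for review; the chain name, addresses and ports are constructed, and it assumes the manager's rules are already loaded in FORWARD when the output is applied.

```shell
#!/bin/sh
# Added example: prints (does not execute) the iptables commands.
# --- config section (all values are constructed assumptions) ---
VS_CHAIN="VSERVERS"       # hypothetical chain name
SET_POLICY="no"           # "yes" = also emit a FORWARD policy line
FORWARD_POLICY="DROP"     # used only when SET_POLICY=yes
ALLOW_RETURN="yes"        # emit an ESTABLISHED,RELATED accept rule
# entries: proto:public_port:internal_ip:internal_port
VSERVERS="tcp:80:192.168.0.10:80 tcp:2222:192.168.0.11:22"

# Accept only decimal ports in 1..65535.
valid_port() {
    case "$1" in ''|*[!0-9]*) return 1 ;; esac
    [ "$1" -ge 1 ] && [ "$1" -le 65535 ]
}

gen_rules() {
    echo "iptables -N $VS_CHAIN"
    [ "$ALLOW_RETURN" = "yes" ] && \
        echo "iptables -A $VS_CHAIN -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT"
    for vs in $VSERVERS; do
        old_ifs=$IFS; IFS=:; set -- $vs; IFS=$old_ifs
        proto=$1 pub=$2 ip=$3 port=$4
        case "$proto" in
            tcp|udp) ;;
            *) echo "skip $vs: bad proto" >&2; continue ;;
        esac
        if ! valid_port "$pub" || ! valid_port "$port"; then
            echo "skip $vs: bad port" >&2; continue
        fi
        # DNAT rewrites the destination before FORWARD is evaluated,
        # so the filter rule matches the internal address and port.
        echo "iptables -t nat -A PREROUTING -p $proto --dport $pub -j DNAT --to-destination $ip:$port"
        echo "iptables -A $VS_CHAIN -p $proto -d $ip --dport $port -j ACCEPT"
    done
    # -A appends, so the jump sits after rules already in FORWARD;
    # rules appended to FORWARD later would land after this jump.
    echo "iptables -A FORWARD -j $VS_CHAIN"
    [ "$SET_POLICY" = "yes" ] && echo "iptables -P FORWARD $FORWARD_POLICY"
    return 0
}

gen_rules
```

Because earlier FORWARD rules are evaluated first, an ACCEPT or DROP added through the firewall manager still overrides anything in the virtual-server chain.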