1. Save the file ip_tables_rules.txt as /home/<username>/iptables_rules.txt
It contains a list of iptables directives to block access to various Boinc projects. They are currently commented/disabled with # char
2. Create a simple script to edit the rules and reload the rules. I created a script file named set-fw (short for set-firewall), which will load the iptables_rules.txt file in the nano editor. When you exit the editor, it will reload the iptables_rules.txt and echo the current rules. Here is the script...
nano /home/<username>/iptables_rules.txt
iptables-restore < /home/<username>/iptables_rules.txt
iptables -L
3. Run the script...
sudo ./set-fw
(you might need to run "sudo chmod 777 set-fw" to set permissions to allow you execute it)
To block access to project, remove the # char from the beginning of the line.
4. Exit the editor, saving the file in the process. You should see the current rules displayed, like this...
Chain INPUT (policy ACCEPT)
target prot opt source destination
Chain FORWARD (policy ACCEPT)
target prot opt source destination
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
DROP all -- 128.95.160.0/24 anywhere
5. In order to make these setting persistent, in case the system reboots, modify the network configuration to load the iptables_rules.txt any time the interface is started, such as a reboot. Add this line to file /etc/network/interfaces...
pre-up iptables-restore < /home/<username>/iptables_rules.txt
The interfaces file should look something like this...
auto lo
iface lo inet loopback
pre-up iptables-restore < /home/<username>/iptables_rules.txt
All I have to do is either add a line for a new project, or comment out a line if I no longer want it blocked. To comment the line, just put a # at the beginning of the line.
Again, if there's any better way, let me know.
Persistent firewall using iptables
- scole of TSBT
- Boinc Major General
- Posts: 5983
- Joined: Mon Feb 03, 2014 2:38 pm
- Location: Goldsboro, (Eastern) North Carolina, USA
Jump to
- Guest Access Forum
- General
- ↳ Fun and Games
- ↳ General
- ↳ Newshound RSS feeds
- ↳ Welcome
- ↳ Sneak Peak - Yearly Team Individual Stats Competition
- Competitions and Kudos
- ↳ Badges? We don't need no stinkin' badges!
- ↳ Kudos
- ↳ Milestones
- ↳ Milestones Archives
- ↳ Throw down the Gauntlet
- ↳ Pending Competitions
- ↳ archive
- ↳ TSBT Competitions
- Home Port of Anguillan Pirates
- ↳ Anguillan Pirates
- ↳ Pirates on Tour
- Hardware
- ↳ ASIC & FPGA Enchanced Devices
- ↳ Benchmarking and Hardware
- ↳ Graphics Processing Unit (GPU)
- ↳ Single-board Computers
- Operating Systems & Software
- ↳ Android
- ↳ BOINC Software Applications
- ↳ Linux
- ↳ Mac OS
- ↳ Microsoft Windows
- ↳ BOINC Technical Conventions and Papers
- ↳ FreeBSD
- BOINC Projects
- ↳ Biology / Medical
- ↳ GPUgrid
- ↳ RNA World
- ↳ Rosetta
- ↳ SiDock
- ↳ TN-Grid
- ↳ CERN
- ↳ LHC
- ↳ ATLAS
- ↳ Beauty
- ↳ CSM
- ↳ vLHC
- ↳ Chemistry
- ↳ QuChemPedIA
- ↳ Earth Sciences
- ↳ Climate Prediction
- ↳ Quake Catcher
- ↳ Mathematics / Computing
- ↳ Amicable Numbers
- ↳ Collatz Conjecture
- ↳ Gerasim
- ↳ GPUGRID
- ↳ iTHENA
- ↳ Loda
- ↳ NFS
- ↳ NumberFields
- ↳ ODLK
- ↳ ODLK1
- ↳ PGFNS
- ↳ PrimeGrid
- ↳ RakeSearch
- ↳ SRBase
- ↳ T.Brada
- ↳ ramanujan
- ↳ Van Der Waerden Numbers
- ↳ Wanless
- ↳ YAFU
- ↳ Physics
- ↳ nanoHub
- ↳ RADIOACTIVE
- ↳ Social Sciences
- ↳ MindModeling
- ↳ Space Sciences
- ↳ Asteroids
- ↳ Cosmology
- ↳ Einstein
- ↳ Gaia@home
- ↳ MilkyWay
- ↳ Universe
- ↳ Umbrella projects
- ↳ BOINC@TACC
- ↳ Citizen Science Grid
- ↳ Wildlife@Home
- ↳ DNA@Home
- ↳ SubsetSum@Home
- ↳ Moo! Wrapper
- ↳ yoyo
- ↳ World Community Grid
- ↳ General Posts
- ↳ Africa Rainfall Project
- ↳ Fight AIDS
- ↳ Help Cure Muscular Dystrophy
- ↳ Help Stop TB
- ↳ Mapping Cancer Markers
- ↳ Microbiome Immunity Project
- ↳ OpenPandemics - COVID-19
- ↳ Open Zika
- ↳ Outsmarting Ebola
- ↳ Smash Childhood Cancer
- ↳ Retired Projects
- ↳ Brainstorm
- ↳ Miscellaneous
- ↳ WUProp
- ↳ Permanent Testing
- ↳ Albert
- ↳ BURP
- ↳ RALPH
- ↳ Retired Projects
- ↳ ABC@home
- ↳ ABC Lattices
- ↳ Acoustics
- ↳ AlmereGrid Boinc Grid
- ↳ AlmereGrid TestGrid
- ↳ AndersonAttack@home
- ↳ Beal@Home
- ↳ Bitcoin Utopia
- ↳ CAS
- ↳ Chess960@Home
- ↳ Constellation
- ↳ CONVECTOR
- ↳ Correlizer
- ↳ Climate@Home
- ↳ Climateprediction.net Beta
- ↳ DBN UPPER BOUND
- ↳ DENIS
- ↳ DistrRTgen
- ↳ DHEP
- ↳ DistributedDataMining
- ↳ DrugDiscovery@Home
- ↳ DrugDiscovery
- ↳ Docking@Home
- ↳ Duchamp
- ↳ EDGeS@Home
- ↳ Enigma
- ↳ eOn
- ↳ FiND@Home
- ↳ iGEM@Home
- ↳ Goofyxgrid
- ↳ Gridcoin Finance
- ↳ ibercivis
- ↳ Ideologias@Home
- ↳ Kryptos@Home
- ↳ Lattices @Home
- ↳ Leiden Classical
- ↳ Malaria Control
- ↳ Najmanovich Research Group
- ↳ Nanosurface@home
- ↳ Neurona@Home
- ↳ OProject@Home
- ↳ OPTIMA@HOME
- ↳ Physics
- ↳ Pirates@Home
- ↳ Plagiarism@Home
- ↳ POEM@HOME
- ↳ Primaboinca
- ↳ QMC@Home
- ↳ Rioja Science
- ↳ Renderfarm.fi
- ↳ SAT@home
- ↳ SETI
- ↳ SETI Beta
- ↳ SimOne@home
- ↳ SIMAP Production
- ↳ SLinCA
- ↳ Spatiotemporal Quality of Service (QoS)
- ↳ Stop@home
- ↳ Superlink@Technion
- ↳ SZTAKI
- ↳ The Lattice Project
- ↳ theSkyNet POGS
- ↳ VGTU
- ↳ Virtual Prairie
- ↳ Volpex
- ↳ XANSONS for COD
- ↳ Non-BOINC Projects
- Links and Help Section
- ↳ Links
- ↳ Help
- ↳ Website Problems