To the timing of Iptables: Fu Jianmin issued a document time: 2004.11.16 As a network administrator, you need to regularly timed to modify firewall rules, improve the safety factor. There is an important parameter Time in iptables, iptables in Linux. With this parameter, users can complete the configuration of various rules that require timed in the firewall. Although sometimes users can use cron to complete the relevant features, the utilization of the TIME parameter will bring greater convenience. Since the TIME parameters are not included in the various parameters in iptables in the public release, this patch must be hit by the kernel upgrade. Therefore, you need to download the relevant patch file to the relevant website, add this parameter by upgrading the kernel. The operation should be logged in as root, and the system is operated to be Debian 3.0, Kernel-2.2.20 and iptables-1.2.6a. The author downloaded two files for iptables-1.2.8.tar.bz2 and patch-o-matic-20030912.tar.bz2. The loading module first upgraded the kernel online, the command is as follows: # APT-GET Install Kernle-Image-2.4.21-5-686 After the upgrade is complete, restart the machine, log in as root. Enter the directory where the download file is located, start the upgrade after decompression. The first step is to write the TIME module in iptables's patch file to the Linux kernel file to prepare the kernel. Enter the iptables patch file directory, the TIME module you want is in the base subdirectory. Subsequently, the user runs the following command in accordance with the example in the ReadMe file: # kernel_dir = / usr / src / linux-2.4 ./runme base /usr/src/linux-2.4 is the directory where the system kernel file is located, the command is running A module selection interface appears. There are two regions in the interface, and the related module names, functions, and syntax modes are written in a region; another area gives various options, such as Y / N / R /........... Q /? / _, Where n option represents the next module, y indicates that Q means exit. First determine if the current module is required, if you don't need it, press the "N" button to enter the car, continue to display the relevant information of the next module. The Time module is the last one. After the TIME module appears, the relevant syntax sample inside will appear, and it is used. Then press the "Y" button to indicate this module, and finally press "Q" to exit. Compile the kernel to enter the directory where the kernel file is located, enter the following command to start compiling the kernel: #make mrpropert # Make Xconfig (or #make menusfig) #make dep #MAKE BZIMAGE #MAKE Install Next Enter the following command load module file: #make Modules #make modules_install then upgrades iptables.
