I crashed on the netfilter / iptables homepage and also asked Google, but so far no luck.
I have a Rails application that needs to control packet filtering for its Linux host. This can be done by simply dropping the rules in / etc / sysconfig / iptables and, of course, bouncing the iptables script to launch. But it would be sweeter if he could just make calls through the API.
Application requirements are actually very simple; he only needs to add and remove ACCEPT rules for the given source IP address for this TCP port on the server in order to control access to this service.
I found links to the ruby-iptables project, but it seems like it ruined it a few years ago.
If I have to resort to raw calls to getsocketopt () and the like, I will just make a text file and restart approach that will offend my slip sensor but make my client smile because he likes the working software better than it really is elegant software that will work very soon.
source
share