OH3 firewall switch

Hello all, I want to create a switch in OH 3 to set an iptables rule active or to disable it.
Did anybody do that before, or is there a binding which could help?

Regards Markus

Let the switch trigger a rule that uses executeCommandLine.
Then you are at ‘shell’ level and can start a shell script from there.

Hello Wolfgang, in fact I tried this, but I struggled with the super user bit. Starting the script is not the problem; updating the rules with iptables is my problem.

Regards Markus

What exactly is your problem with updating the iptables rules?
Is it just a problem to do that triggered by OH or a problem of the iptables command itself?

Hello Wolfgang, I solved the problem.

I am working on a solution to automatize the firewall settings.
I have an access point running with its own network on the OH3 server to implement WLAN components. This network is blocked from running updates or sending data to third-party companies. The firewall on the OH3 server is set to drop all outgoing data.
But for updates I need to open it.
So I created a switch to delete a rule by setting it to “ON” and to reset the rule by switching it to OFF.
The problem was that OH 3 runs as openhab and iptables is using root credentials.
So I did the following:

cp /usr/sbin/iptables to a new location (same for iptables-restore)
setcap CAP_NET_RAW,CAP_NET_ADMIN+ep /NEW_LOCATION/iptables
same for iptables-restore

Then I created a rule which reacts to the switch to change the rules.
Regards Markus
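
The approach from the post above, written out as a script that the openHAB rule can call through executeCommandLine with ON or OFF. This is an added example, not code from the thread; the path /opt/oh-fw, the openhab group and the FORWARD/wlan0 blocking rule are assumptions to be replaced with your own values.

```shell
#!/bin/sh
# Added example (not from the thread): toggle one blocking rule from openHAB.
# Assumptions: /opt/oh-fw/iptables is the capability-enabled copy, and the
# rule below is a placeholder for the blocking rule in your own ruleset.
IPT="/opt/oh-fw/iptables"
CHAIN="FORWARD"
RULE="-i wlan0 -j DROP"

# One-time setup as root (paths and group name are assumptions):
#   install -o root -g openhab -m 0750 /usr/sbin/iptables /opt/oh-fw/iptables
#   setcap CAP_NET_RAW,CAP_NET_ADMIN+ep /opt/oh-fw/iptables
# Mode 0750 with group openhab keeps other local users from running the copy.
# setcap comes last because changing the owner clears file capabilities.

rule_present() {
    # -C exits 0 only if an identical rule already exists in the chain.
    # $RULE is left unquoted on purpose so it splits into separate arguments.
    "$IPT" -C "$CHAIN" $RULE 2>/dev/null
}

fw_switch() {
    case "$1" in
        ON)   # open for updates: delete the blocking rule if it is there
            if rule_present; then "$IPT" -D "$CHAIN" $RULE; fi ;;
        OFF)  # close again: put the blocking rule back on top if it is missing
            if ! rule_present; then "$IPT" -I "$CHAIN" 1 $RULE; fi ;;
        *)    # accept nothing but the two switch states
            echo "usage: $0 ON|OFF" >&2; return 2 ;;
    esac
}

# openHAB passes the item state as the first argument.
if [ "$#" -gt 0 ]; then fw_switch "$1"; fi
```

Checking with -C first makes both directions idempotent, so a repeated ON or OFF from openHAB neither fails nor stacks duplicate DROP rules.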
