plugins->registerEvent('iptables_insert', $this->plugin_name, 'insert'); $app->plugins->registerEvent('iptables_update', $this->plugin_name, 'update'); $app->plugins->registerEvent('iptables_delete', $this->plugin_name, 'delete'); } function insert($event_name, $data) { global $app, $conf; $this->update($event_name, $data); } function update($event_name, $data) { global $app, $conf; /* ok, here is where we do some fun stuff. First off we need to see the currently running iptables (sans the fail2ban) and compare with the database. This is the method that is good for multi servers and keeping the firewall read only so a comromised box will not corrupt the master server. If the running iptables and the new iptables don't match, lets send a note to the monitoring data to say that there is a difference. Maybe we can have the iptables gui inteface check the data field for changes and post a warning and or the changes as disabled rules. If an admin adds a rule on the comand line we should make it easy to add to the database, but hard to overwrite the data. 1. So first is a reading of the current rules by filter:table with our friend awk 2. Compare with database 3. Send notices or updates 4. Apply rules from database 5. Preform some type of sainity check like the apache restart script 6. Profit # automate this with a loop, but here it is for santity sake. exec('iptables -S INPUT'); exec('iptables -S OUTPUT'); exec('iptables -S FORWARD'); $data['new'] should have lots of fun stuff exec('iptables -I XYZ'); */ } function delete($event_name, $data) { global $app, $conf; exec('iptables -D xyz'); } } ?>