Skywall module to configure iptables.
First install and configure Skywall server.
Then to enable this module run as skywall
user:
$ cd /opt/skywall
$ . env/bin/activate
(env) $ pip install git+https://github.com/SkyPicker/Skywall-iptables.git
(env) $ skywall set --modules skywall_iptables
(env) $ skywall install
To disable the module run:
(env) $ skywall set --modules ~skywall_iptables
First install and configure Skywall client.
Then to enable this module run as skywall
user:
$ cd /opt/skywall
$ . env/bin/activate
(env) $ pip install git+https://github.com/SkyPicker/Skywall-iptables.git
(env) $ skywall set --modules skywall_iptables
Skywall iptables module needs to sudo /sbin/iptables
in order to save configured iptable rules.
To let the module do it run sudo visudo
and add the following line:
skywall ALL=NOPASSWD: /sbin/iptables
To disable the module run:
(env) $ skywall set --modules ~skywall_iptables
If you want to just see what the module would do instead of actually saving any iptable rules
anywhere, you can enable dryrun
mode:
(env) $ skywall set --iptables.dryrun True
To disable dryrun
mode run:
(env) $ skywall set --iptables.dryrun False
$ git clone https://github.com/SkyPicker/Skywall-iptables.git skywall-iptables
$ cd skywall-iptables
$ virtualenv --python=/usr/bin/python3 env
$ pwd > $(echo env/lib/python*/site-packages)/local.pth
$ . env/bin/activate
(env) $ pip install git+https://github.com/SkyPicker/Skywall.git
(env) $ pip install -r requirements.txt
(env) $ nodeenv -p --node=7.7.4
(env) $ npm install
(env) $ ln -s .. node_modules/skywall_iptables
(env) $ skywall set --modules skywall_iptables
(env) $ skywall install
If you want to enable some other modules, run:
(env) $ pip install MODULE
(env) $ skywall set --modules MODULE
(env) $ skywall install
$ git clone https://github.com/SkyPicker/Skywall-iptables.git skywall-iptables
$ cd skywall-iptables
$ virtualenv --python=/usr/bin/python3 env
$ pwd > $(echo env/lib/python*/site-packages)/local.pth
$ . env/bin/activate
(env) $ pip install git+https://github.com/SkyPicker/Skywall.git
(env) $ pip install -r requirements.txt
(env) $ skywall set --modules skywall_iptables
If you want to enable some other modules, run:
(env) $ pip install MODULE
(env) $ skywall set --modules MODULE
Follow general configuration instructions for the server and the client.
During development you may not want to actually save any iptable rules anywhere. To achieve this
just enable dryrun
mode:
(env) $ skywall set --iptables.dryrun True
To run your server in the developement mode with frontend hot-reload you need to enable it:
(env) $ skywall set --devel true
And then run your server (without manually building it, it will build itself):
(env) $ skywall server
This option will enable various debug messages and it will automatically reload the frontend app whenever you change some code in it.
Client has no developement mode yet. Just run:
(env) $ skywall client
Before commiting your code it's a good habit to lint it:
(env) $ npm run eslint
(env) $ npm run pylint