IPTables::ChainMgr Used in PacketFence

19 February, 2009

The IPTables::ChainMgr module is now used by the PacketFence NAC system in the latest 1.8.0 release. The module is used to build iptables rules that match on source MAC addresses, set a connection mark, and jump packets into a dedicated MARK chain.

The latest release of the IPTables::ChainMgr module is 0.9 (available as of Feb 11th), and can be downloaded from CPAN. The changes since the 0.8 release are:

Added Net::IPv4Addr prerequisite to Makefile.PL (patch submitted by Dominik Gehl).
Updated perldoc documentation to properly discuss the delete_chain() API. The material about the $jump_from_chain was missing (Darien Kindlund reported this issue).
Applied patch from Darien Kindlund to add the ability to specify the source MAC address via the --mac-source <addr> command line argument to iptables.

19 February, 2009 | Software Releases | In the News | By: Michael Rash

« Art of Information Security Interview

Building a Native Windows fwknop.exe Binary »

cipherdyne.org

IPTables::ChainMgr Used in PacketFence

Software

Linux Firewalls Book

Recent Blog Posts

Categories