This is exactly what I am trying to get to work:
http://www.fordodone.com/2013/10/01/vyatta-create-and-update-ip-based-ban-lists-from-spamhaus/
Okay, I did a chmod and changed permissions, now the task scheduler allowed me to commit and save the task scheduler parameters.
So, I have my file, I added a task scheduler, and now I just need to tell VyOS to use the rule.
This is where I am a tiny bit confused still. I have never made my own custom rules.
I need to do something like this:
set firewall group network-group blocked network $i
So in the above line I understand “set firewall group network-group”, but after that I don’t understand what is happening.
Where does the $i come into play? What does that stand for? If I type that in it asks for an IPv4.
"vyos@vyos# set firewall group network-group blocked network $i
“0” is not a valid value of type “ipv4net”
Value validation failed
Set failed"
I just need to add the rule to the firewall now, but am lost still.
I am very close, and thank you for all the literature. I am learning a lot here today!
Sam
I just added this:
set firewall group network-group blocked network 10.0.0.0/24
Everything committed and saved just fine.
Am I missing something else? Is there something more I have to add?
I have my file installed with permissions, I added a task-scheduler:
task-scheduler {
task blocked {
executable {
path /usr/local/sbin/updateBanList.sh
}
interval 1d
}
}
and I added the firewall group:
firewall {
group {
network-group blocked {
network 10.0.0.0/24
}
}
}
Should the file be working now?