Customization
2. In this new directory, create a new file named "rule" which contains the IP Tables
command for the rule you wish to add. You can use other rule files in /sa2/firewall as
examples. For example, you might add the following contents to a rule file:
[% IF firewall.enabled -%]
# allow VPN clients through
# Note that port 500 is the source port, not destination port.
$IPTABLES -A FORWARD -p udp -s ANY/0 --sport 500 -i $INTIF -o $EXTIF -j ACCEPT
[% END -%]
3. Create a new file called "description" in the directory, containing a short (less than
one line) description of the rule to be added. This description is displayed on the user
interface next to the check box. An example description is:
en=Custom VPN Client
The "en=" indicates this text description is used for any English-based display. For
other languages, you can specify sp, de, it, fr, and du for Spanish, German, Italian,
French and Dutch. If a language is invoked on the user interface, and there is no
corresponding language text in the description file, English is used as the default.
4. Create a new file called "index" which specifies the location of the firewall rule
within the firewall table. Location can be important, so be sure to review the other
custom rules, as well as the default rules, to understand placement of the rule. The
index file should simply contain a number, such as:
70
5. Finally, create a new file called "type" in the directory, containing the word "client",
"server" or "both", that is used to describe to whom the firewall rule applies. An
example type file might be:
client
After these steps have been performed, a new selectable firewall rule is added to the
user interface.
A very easy way to get started with a new firewall rule is to use one of the existing firewall
rule directories. Copy the directory and its contents to a new directory name, and then
begin modifying the individual files to change the rule display name and the IP Tables
rule.
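A check of the four files described in the steps above, written here as an added example and not taken from the manual or the product. The names check_rule_dir and fail are hypothetical, and requiring an "en=" entry is an assumption based on English being the fallback language.

```shell
#!/bin/sh
# Added example (not from the manual): validate a custom firewall rule
# directory containing the files rule, description, index and type.
# check_rule_dir and fail are hypothetical helper names.

fail() { echo "check failed: $1" >&2; rc=1; }

check_rule_dir() {
    dir=$1
    rc=0
    for f in rule description index type; do
        [ -s "$dir/$f" ] || fail "$f is missing or empty"
    done
    [ "$rc" -eq 0 ] || return 1

    # rule: an $IPTABLES command inside the firewall.enabled guard.
    grep -qF '[% IF firewall.enabled -%]' "$dir/rule" || fail "rule: no IF guard"
    grep -qF '[% END -%]' "$dir/rule" || fail "rule: no END line"
    grep -qF '$IPTABLES ' "$dir/rule" || fail "rule: no \$IPTABLES command"
    # A command wrapped across lines leaves "-j" with no target on its line.
    if grep -qE -e ' -j[[:space:]]*$' "$dir/rule"; then
        fail "rule: -j has no target on the same line"
    fi

    # description: assumption: require en=, since English is the fallback.
    grep -q '^en=.' "$dir/description" || fail "description: no en= text"

    # index: a single number giving the rule's position in the table.
    case $(cat "$dir/index") in
        ''|*[!0-9]*) fail "index: not a number" ;;
    esac

    # type: exactly one of client, server or both.
    case $(cat "$dir/type") in
        client|server|both) ;;
        *) fail "type: must be client, server or both" ;;
    esac
    return "$rc"
}

# Constructed sample, using the example values from the steps above.
demo=$(mktemp -d)
printf '%s\n' '[% IF firewall.enabled -%]' '# allow VPN clients through' \
    '$IPTABLES -A FORWARD -p udp -s ANY/0 --sport 500 -i $INTIF -o $EXTIF -j ACCEPT' \
    '[% END -%]' > "$demo/rule"
echo 'en=Custom VPN Client' > "$demo/description"
echo 70 > "$demo/index"
echo client > "$demo/type"
check_rule_dir "$demo" && echo "rule directory OK"
rm -rf "$demo"
```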
Customizing the firewall