FireHOL configuration files are normal BASH scripts. As such, you can use all BASH features within FireHOL configuration files, including functions, loops, variables, I/O, etc, etc.

I have chosen BASH as the configuration language for FireHOL since it is the common denominator for a language that all UNIX system administrators and developers (or at least those that respect themselves) know and understand better.

The fact that FireHOL uses BASH for its configuration, allows third parties to develop add-ons, to enable FireHOL use SQL databases, directory structures, DBM or other files, WEB front ends or other means for the rules of the firewall.

Exactly the same reason allows the build of remote managers for centralized administration of a large number of Linux hosts and routers.

The only BASH features a FireHOL configuration script should never use, is traps and the exit command. Traps are used by FireHOL for cleaning up all temporary files, and possibly restoring the previously running firewall in case FireHOL execution breaks, and the exit command will not just exit the configuration file, it will exit FireHOL. FireHOL has disabled these features by default, so that you will not be able to use them, unless you specifically enable them.

Also, since a FireHOL configuration script runs inline with FireHOL, all variables and function names defined within the configuration file overwrite the ones defined by FireHOL. For this reason you should avoid using variables that start with FIREHOL_, work_, server_, and client_ as many such variables are used by FireHOL internally. There are also a number of functions names you should avoid, but there is no generic pattern at the moment. I suggest you should avoid defining functions with the names of FireHOL commands (interface, router, client, server, etc) and functions starting with rules_.

Note however that it is allowed to overwrite a few variables and functions if you want to modify FireHOL services (See the Adding Services section for more on this).

To learn BASH scripting I suggest the following documents:


SourceForge Logo $Id: language.html,v 1.9 2004/10/31 23:43:25 ktsaou Exp $

FireHOL, a firewall for humans...
© Copyright 2004 Costa Tsaousis <costa@tsaousis.gr>