IP Tables

millpond
Posts: 698
Joined: 2014-06-25 04:56

Re: IP Tables

#16 Post by millpond »

Still no luck.

I stopped the script, and it looks like it took a great deal of the blocklist from iptables -S.

But *nothing* under iptables gave the slightest indication of where the table is actually stored. There is a mention in the iptables-xslt file of an iptables-rules - but there is no such file on my system. At the speed of the script, I suspect that iptables is actually hidden in a database. Though gawd only knows where. Whenever I have a weekend to waste I might grab the source and try to read through it. Of course it would help if I learned C.

ublock is a browser addon. I am looking for a true blocklist, like peerblock is in Win.

There is mintnanny, which is a python script, but with zero docs, that looks like it may be somewhat useful, but entries seem to be one at a time. I might be able to script it to take urls from the clipboard. Apparently made as a PPA, its directory structure is appropriate for Debian. What little there is of it.

gmlox
Posts: 32
Joined: 2016-11-14 16:41

Re: IP Tables

#17 Post by gmlox »

millpond wrote: But *nothing* under iptables gave the slightest indication of where the table is actually stored.
It's stored in the kernel, and as such can't be directly *viewed*.
If you want to actually see the rules, consider making an IP tables script; that will be much more human readable and easy to maintain.

A script should begin with lines that flush the filtering engine first, and then apply all the rules again into the kernel.

Also, if you're designing a completely new ruleset, consider doing it with nftables instead (which makes iptables obsolete and very limited in what it can do). It gives you much more power, provides a scripting engine, and provides a modular design, such as separating "code" into separate files and using include directives, just like in C-like languages, to include files. It is a much more effective way to manage large rulesets.

Iptables or nftables, whatever.. you need to spend weeks reading documentation and practice in order to make use of these tools; trying to do things ASAP is just a pain in the ass.
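As an added example (not code from either poster), a small POSIX shell script that turns a plain-text blocklist into an iptables-restore ruleset: iptables-restore replaces the filter table atomically, so loading the output is the "flush first, then apply all the rules" pattern described above, and the rules stay readable in a file while the live copy lives in the kernel. The sample blocklist is constructed and the file paths in the comments are assumptions.

```shell
#!/bin/sh
# Added example: turn a plain-text blocklist into an iptables-restore ruleset.
# iptables-restore replaces the filter table atomically, so loading this output
# is "flush first, then apply all rules" with no window in which the host sits
# without rules. Assumed usage (paths are assumptions):
#   sample_blocklist | build_blocklist_rules > /etc/iptables/rules.v4
#   iptables-restore < /etc/iptables/rules.v4   # needs root
#   iptables-save                               # prints what the kernel now holds

# is_ipv4_cidr: dotted-quad IPv4 with an optional /0-32 prefix, nothing else.
# Octets above 255 are not rejected here; iptables-restore would refuse them.
is_ipv4_cidr() {
    printf '%s' "$1" |
        grep -Eq '^([0-9]{1,3}\.){3}[0-9]{1,3}(/([0-9]|[12][0-9]|3[0-2]))?$'
}

# build_blocklist_rules: read a blocklist on stdin (one address or CIDR per
# line; '#' comments and blank lines ignored) and print the ruleset on stdout.
build_blocklist_rules() {
    printf '*filter\n'
    # Built-in chain policies; the [0:0] counters are reset on load.
    printf ':INPUT ACCEPT [0:0]\n:FORWARD ACCEPT [0:0]\n:OUTPUT ACCEPT [0:0]\n'
    # A user-defined chain keeps the blocklist separate from the rest of INPUT.
    printf ':BLOCKLIST - [0:0]\n'
    printf -- '-A INPUT -j BLOCKLIST\n'
    grep -Ev '^[[:space:]]*(#|$)' | while read -r entry _; do
        if is_ipv4_cidr "$entry"; then
            printf -- '-A BLOCKLIST -s %s -j DROP\n' "$entry"
        else
            echo "skipping malformed entry: $entry" >&2
        fi
    done
    printf 'COMMIT\n'
}

# sample_blocklist: constructed test input, including lines that must be skipped.
sample_blocklist() {
    printf '%s\n' \
        '# constructed sample, not a real blocklist' \
        '192.0.2.0/24' \
        '' \
        '198.51.100.7' \
        'not-an-address' \
        '203.0.113.0/33' \
        '203.0.113.64/26'
}
```

Malformed entries are reported on stderr and left out rather than aborting the whole load, so one bad line in a long list does not leave the host with no rules.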
