Posts by master G

What image are you using?
Have used this on open pli & prz team phoenix and worked great on both.

What image are you using?
Have used this on open pli & prz team phoenix and worked great on both.

Again not familliar with spider menu, but on E2 images you will find this under positioner movement.
Prob diff on the spider, hope this helps.

I am not familliar with the spider but am guesing your satxml has became corrupted, try factory reset of the spider or relflash the image, a spider owner may be able to advise better.

Make sure cccam is selected as the default cam and running, blue select cccam then ok to start.

There may be a fault in your cfg. Can you post it here, ( without passwords and port numbers obviously ) so we can see if there are any errors.

Note: All Picon Changes are still Licher made every thing updated to new ones

Enigma 1 SD Licher Picons Fixed by Silverfox078..rar
Enigma 2 SD Licher Picons Fixed by Silverfox078..rar

Update 07.02.2011

Sorry for the delay in this but i was away in Sunny Rgypt and upon return i wanted them to be right so it took longer to sort them out but here they are now all sorted

Changelog:

TV:

107 - Sky Living [New Added]
107 - Sky Living ROI Added [Irish Duplicates]
108 - Sky Atlantic [New Added]
112 - Comedy Central [Reshufle]
112 - Comedy Central ROI [Irish Duplicates]
113 - Universal [Reshufle]
114 - Syfy [Reshufle]
121 - Sky Living +1 [New Added]
122 - Sky Livingit [New Added]
123 - Sky Livingit +1 [New Added]
124 - FX [Reshufle]
126 - MTV [Reshufle]
126 - MTV ROI [Irish Duplicates]
127 - Comedy Central +1 ROI [Irish Duplicates]
129 - Sky 2 [Reshufle]
130 - Sky Living Loves [New Added]
152 - Sky 3 [Reshufle]
153 - Sky 3 +1 [Reshufle]
160 - MTV +1 [Reshufle]
164 - Challenge +1 [New Frequency]
350 - MTV MUSIC [New Added]
351 - MTV BASE [Reshuffle]
352 - MTV HITS [Reshuffle]
353 - MTV DANCE [Reshuffle]
354 - MTV ROCKS [Reshuffle]
355 - MTV CLASSIC [Reshuffle]
357 - vIVA [Reshuffle]
358 - MTVN HD [Reshuffle]
792 - PTV Prime [New Frequency]
836 - AHLEBAIT TV [New Frequency]

Radio:

Silverfox0786 E1 SD 28.2E [06.02.2011].rar

With sly for the first 12 months of your contract you must connect the box to your phoneline, after that its up to you.

You have one of the most wanted cards in europe,
Set it up and youll be watching whatever you want within hours.

Keep asking & reply to others threads with your active cline.
Weve all been there mate, dont give up.

Yes no problem.

How to install Omnikey readers on Linux PC

05.02.2011

Eurobird 1, 28.2?E

(12h47) Sky Digital: New PID for Geo TV: PID:2320/2321 English Urdu SID:52500 (11426.00MHz, pol.V SR:27500 FEC:2/3 - VideoGuard).
(12h47) Sky Digital: New PID for AAG TV: PID:2326/2327 English SID:52505 (11426.00MHz, pol.V SR:27500 FEC:2/3 - VideoGuard).
(12h47) Freesat & Sky Digital: New PID for Price Drop TV: PID:2332/2333 English SID:52510 (11426.00MHz, pol.V SR:27500 FEC:2/3 - Clear).
(12h47) Sky Digital: New PID for OBE: PID:2322/2323 English SID:52525 (11426.00MHz, pol.V SR:27500 FEC:2/3 - Clear).
(12h47) Sky Digital: New PID for Diva TV: PID:2318/2319 English SID:52530 (11426.00MHz, pol.V SR:27500 FEC:2/3 - VideoGuard).
(12h47) Sky Digital: New PID for Q TV: PID:2324/2325 English SID:52535 (11426.00MHz, pol.V SR:27500 FEC:2/3 - VideoGuard).
(12h47) Freesat & Sky Digital: New PID for Speed Auction TV: PID:2330/2331 English SID:52546 (11426.00MHz, pol.V SR:27500 FEC:2/3 - Clear).
(12h47) Sky Digital: New PID for Glory TV: PID:2328/2329 English SID:52555 (11426.00MHz, pol.V SR:27500 FEC:2/3 - Clear).
(12h47) Sky Digital: New PID for Comedy Central +1 UK: PID:2328/2329 English,2330 English SID:50300 (11527.00MHz, pol.V SR:27500 FEC:2/3 - VideoGuard).
(12h47) Sky Digital: New PID for Comedy Central Ireland: PID:2324/2325 English,2327 English SID:50305 (11527.00MHz, pol.V SR:27500 FEC:2/3 - VideoGuard).
(12h47) Sky Digital: New PID for Gaydate TV: PID:2332/2333 English SID:50310 (11527.00MHz, pol.V SR:27500 FEC:2/3 - Clear).
(12h47) Sky Digital: New PID for The Dating Channel: PID:2335/2336 English SID:50330 (11527.00MHz, pol.V SR:27500 FEC:2/3 - Clear).
(12h46) Sky Digital: Ahlebait TV has left 12524.00MHz, pol.H (DVB-S SID:55022 PID:2341/2342 English)
(12h49) Sky Digital: Channel One (UK) has left 11307.00MHz, pol.H (DVB-S SID:52233 PID:2320/2321 English,2322 English), it is no longer transmitted by satellite in Europe.
(12h49) Sky Digital: Channel One +1 UK has left 11307.00MHz, pol.H (DVB-S SID:52235 PID:2308/2309 English,2310 English), it is no longer transmitted by satellite in Europe.

Hi.

If any of you, like me, struggled to get your private owned SECA card running in the AZBOX internal reader this IPK might help you out.

Install instructions:
- First install the "enigma2-plugin-extensions-userscripts_2.4-r4_mipsel.ipk" this plugin will allow you to start/stop/restart and auto start Oscam module
- Copy attached userscript ipk to the Azbox /tmp directory and make sure file attributes are set to 755 (chmod 755 filename)
- As root in a terminal window type: "ipkg install /tmp/enigma2-plugin-extensions-userscripts_2.4-r4_mipsel.ipk"
- Now copy attached oscam ipk file (enigma2-plugin-camd-oscam-1.00-trunk-svn4682-mips_svn4682-mips_mipsel.ipk) to Azbox /tmp directory
- Again make sure file attributes are set to 755 (chmod 755 filename)
- As root in a terminal window type: "ipkg install /tmp/enigma2-plugin-camd-oscam-1.00-trunk-svn4682-mips_svn4682-mips_mipsel.ipk
- Now go to Azbox "Menu" => "Plugins => "userscripts" and choose "execute User Scripts from /usr/script"
- I here you see "oscam-1.00-trunk-svn4682-mips.sh" , choose it and execute options you want

That is it, the script will be able to "add" the needed auto start script in /etc/rc3.d directory so after reboot all still works

One note, I setup Oscam such that it ONLY runs with your local card in the internal reader, you have to stop CCcam if it runs as this config will not allow Oscam and CCcam to run side by side. The goal here it to have the option to use the Azbox with internal card reader and valid inserted card without having any network connection.
You can of course, modify oscam.conf, oscam.server etc to have a different configuration.

This has been tested on a premium + with valid SECA card

For me a motorised setup wins hands down. Good point by Hacksat about quicker zapping, but my opinion is if you can get the full arc use it.
The seconds it takes for your motor to move is worth waiting for. Otherwise i think you will regret being limited to 4 sats.Invest in a solid mount, good dish and you wont look back.

I presume its a dm500 your after so go for a UK seller.

Support following cards:

Sky S02
- Sky V13
- HD+ (CAID: 1830)
- HD+ (CAID: 1843)
- ORF
- ORF Ice
- MTV
- SRG
- Kabelkiosk
- TNK
- Tivusat
- Sky UK
- HRT Viaccess
- ART Viaccess
- BHT Bosnia Viaccess
- SCT Viaccess
- Sky Italia (CAID: 0919) (Nur im USB Smargo/Easymouse)
- Sky Italia (CAID: 093B) (Nur im USB Smargo/Easymouse)
- Redlight Viaccess
- Penthouse HD
- KD D02
- KD D09
- UM 01
- UM 02
- UM I03
- Sky P02
- Sky I02
- Sky G02
And much more..

coolstream.to_OscamConfigCreator_v.1.8_.zip

Quote from alibaba1802

Does someone know if it can work like server?

Client only im afraid.

?New :
◦Added new options to always default to external subtitles, ignore embedded subtitles and to set the autoload subtitle paths
◦Added support for "in24", "fl64", 8-bit "sowt", "IMA4" and "NONE" audio (old QuickTime? PCM)
◦Added support for "in24", "in32", "fl32", "fl64" (both big-endian and little-endian) in .mov files
◦Ticket #784, Enable ctrl+A in the MediaInfo? window
◦[DVB] LCN support, added EPG current event information, offset parameter for scanning channels, added channel encryption detection for DVB-t during scan
◦Added ignore encrypted channels checkbox during DVB scan
◦Armenian translation
?Changed :
◦Updated FFmpeg
◦Updated MediaInfoLib? to v0.7.39
◦Updated ZenLib? to v0.4.17
◦Updated Little CMS to v2.1
◦Updated libpng to v1.4.5
◦Updated libogg to v1.2.2
◦Updated libvorbis to v1.3.2
◦Cleaned up and optimized code for QT PCM, small corrections in MP4Splitter
◦DVB: the current channel audio stream is memorized and selected by default each time the channel is switched back
◦Removed DSM Converter (use the legacy branch if you need this feature)
◦Removed RoQ splitter/decoder (same as above)
?Fixed :
◦Ticket #52, [playlist] shuffle is broken
◦Ticket #78, ESC key cannot be assigned to other actions
◦Ticket #293, giving "remember last window size" a meaning
◦Ticket #564, EVR Sync enabled when it shouldn't be
◦Ticket #627, Don't create the "AppData?\Roaming\Media Player Classic" folder if the "Remember items" in playlist is disabled
◦Ticket #628, Enable ctrl+A in Player-->Keys page
◦Ticket #647, Weird "keys" listed
◦Ticket #650, Non-media entry in playlist halts playback
◦Ticket #651, Make EVR CP stats graph smaller
◦Ticket #652, Escape key on certain form causes form to collapse
◦Ticket #655, Crash with some BBC-HD samples
◦Ticket #678, Remember last window size NOT working and mpc-hc.ini
◦Ticket #698, VMR-9 (Renderless) + pixel shaders crashes
◦Ticket #699, fix EAC3 mediatype and string
◦Ticket #712, Audio renderer menu problem with Haali splitter after r2339
◦Ticket #724, Frequency range and bandwidth value are currently not taken into account when doing a scan
◦Ticket #753, DVB-T, internal MPEG-2 filter & wrong aspect ratio
◦Ticket #775, Default options of DVD/OGM Preferred language should be "Default" not "English"
◦Ticket #776, Mouse pointer hovering over window/video should be normal not hand
◦Ticket #778, Playlist interface problem
◦Ticket #782, VMR-7 & 9 filter names misspelled
◦Ticket #791, Change the cursor behavior
◦Ticket #796, MPC HC window doesn't stay snapped to desktop corners
◦Ticket #809, Resize-arrows no longer appear with caption hidden
◦Ticket #889, [DVB] keypress in channel list makes whole pane grey
◦Ticket #891, [DVB] clicking empty slot in channel list causes small playback hiccup
◦Ticket #895, [DVB] some characters don't show in EPG OSD
◦DVB Screen sizing: takes into account the TV Navigation panel
◦Workaround to avoid madVR renderer freezing when switching DVB channels
◦Bandwidth value was hardcoded to 8MHz when doing a scan or switching channels. The value entered in scan is now saved in the configuration

MPC-HC 1.5.0.2827 - x64 Edition

MPC - HomeCinema 1.5.0.2827

Credit to sanciytinc for this.

Requirements
- CCcam Logfile (in this tutorial /var/log/cccam.log)
- root Access
- Cron Daemon
- iptables

Scripts
/root/BanUser.sh

#!/bin/bash
LOGFILE=/var/log/cccam.log
/sbin/iptables --flush




FILENAME=/root/baduser.db
touch $FILENAME
while read line
do 
 OUTPUT=`cat $LOGFILE | grep $line | awk '{printf "-A INPUT -s %s -j REJECT --reject-with icmp-host-unreachable\n", $10}' | awk 'x[$0]++ == 0' | tail --lines=1`
 /sbin/iptables $OUTPUT
done < $FILENAME




FILENAME=/root/badhost.db
touch $FILENAME
while read line
do 
 OUTPUT="-A INPUT -s $line -j REJECT --reject-with icmp-host-unreachable"
 /sbin/iptables $OUTPUT
done < $FILENAME

Database examples
/root/badhost.db

81.20.200.170
someremovedhost.dyndns.org

/root/baduser.db

deletedflineuser
deletedflineuser2
deletedflineuser3

Cronjob
/etc/cron.d/cccam-iptables

*/15 *     * * *     root   /root/BanUser.sh

Fill into the file baduser.db deleted users, You can also use the badhost.db file to put the hostname or ip address. Already configured iptables rules will be deleted with this script so make attention.

Tested with ubuntu.

P.S: It's a good beginning to resolve the disconnecting client problems.

Credit to Shalafi for this.

Here's a small and easy to use iptables based firewall script which works the other way around. Instead of allowing people to connect and block (illegal) users through iptables, you block access completely and only allow hosts to connect by allowing them in the firewall. The only downside is, your client needs to use a DNS or a non-dynamic IP-address so that you can allow him access. The plus is, this means more security since you only allow users with a DNS/ipaddress and your server is default not viewable from the internet. You can also expand your F-line for the client with the same DNS in the case your firewall doesn't start or work for some extra security

Keep in mind, that I tested this script on a NSLU2 running with the OpenSlug 3.10 Beta firmware. However, this script should work on regular Linux configurations without to many changes (disable the modprobe commands which is needed on the NSLU2). And to make sure that peers with a rotating IP-address can connect, you need to put this script in a cronjob setup to run every 15 minutes (see example at the bottom) during the day.

It's a regular init.d script which has a start (start firewall), stop (stop firewall) or restart (stop then start firewall) function. Make sure that after you create the firewall script, to chmod it to executable (chmod a+x /etc/init.d/firewall) and make sure it autostarts (depends on your distribution) using the example below.

Filename: /etc/init.d/firewall

#!/bin/sh
###############################################################################
# 
# Default firewall script for your Linux server
#
# This one is used for allowing peers access to your CCcam configuration. It can
# be used with other sharing protocols as well.
#
# See the examples at the CCCAM section
#
###############################################################################
# 
# Local Settings
#




# iptables Location - adjust if needed
IPT="/usr/sbin/iptables"




# Internet Interface
INET_IFACE="eth0"




# Localhost Interface
LO_IFACE="lo"
LO_IP="127.0.0.1"







flush_existing() {
# Flush Any Existing Rules or Chains
echo "Flushing Tables ..."




# Reset Default Policies
$IPT -P INPUT ACCEPT
$IPT -P FORWARD ACCEPT
$IPT -P OUTPUT ACCEPT




# Flush all rules
$IPT -F




# Erase all non-default chains
$IPT -X
}







create_chains() {
echo "Create custom rule chains ..."




# Create a chain to filter INVALID packets




$IPT -N bad_packets




# Create another chain to filter bad tcp packets




$IPT -N bad_tcp_packets




# Create separate chains for icmp, tcp (incoming and outgoing),
# and incoming udp packets.




$IPT -N icmp_packets




# Used for udp packets inbound from the Internet
$IPT -N udp_inbound




# Used to block outbound udp services from internal network
# Default to allow all
$IPT -N udp_outbound




# Used to allow inbound services if desired
# Default fail except for established sessions
$IPT -N tcp_inbound




# Used to block outbound services from internal network
# Default to allow all
$IPT -N tcp_outbound




# Used to allow CCcam services
# Default fail except for established sessions
$IPT --new cccam







}




populate_chains() {
echo "Populate custom rule chains ..."




# bad_packets chain




# Then check the tcp packets for additional problems
$IPT -A bad_packets -p tcp -j bad_tcp_packets




# All good, so return
$IPT -A bad_packets -p ALL -j RETURN




# bad_tcp_packets chain
#
# All tcp packets will traverse this chain.
# Every new connection attempt should begin with
# a syn packet.  If it doesn't, it is likely a
# port scan.  This drops packets in state
# NEW that are not flagged as syn packets.




# Stealth scans
$IPT -A bad_tcp_packets -p tcp --tcp-flags ALL NONE -j DROP
$IPT -A bad_tcp_packets -p tcp --tcp-flags ALL ALL -j DROP
$IPT -A bad_tcp_packets -p tcp --tcp-flags ALL FIN,URG,PSH -j DROP
$IPT -A bad_tcp_packets -p tcp --tcp-flags ALL SYN,RST,ACK,FIN,URG -j DROP
$IPT -A bad_tcp_packets -p tcp --tcp-flags SYN,RST SYN,RST -j DROP
$IPT -A bad_tcp_packets -p tcp --tcp-flags SYN,FIN SYN,FIN -j DROP




# All good, so return
$IPT -A bad_tcp_packets -p tcp -j RETURN




# icmp_packets chain
#
# This chain is for inbound (from the Internet) icmp packets only.
# Type 8 (echo Request) is accepted by default
# Enable it if you want remote hosts to be able to reach you.
# 11 (Time Exceeded) is the only one accepted
# that would not already be covered by the established
# connection rule.  Applied to INPUT on the external interface.
# 
# See: http://www.ee.siue.edu/~rwalden/networking/icmp.html
# for more info on ICMP types.
#
# Note that the stateful settings allow replies to ICMP packets.
# These rules allow new packets of the specified types.




# ICMP packets should fit in a Layer 2 frame, thus they should
# never be fragmented.  Fragmented ICMP packets are a typical sign
# of a denial of service attack.
#$IPT -A icmp_packets --fragment -p ICMP -j LOG \
    #--log-prefix "ICMP Fragment: "
$IPT -A icmp_packets --fragment -p ICMP -j DROP




# Uncomment the LOG command if you want to log PING attempts
# $IPT -A icmp_packets -p ICMP -s 0/0 --icmp-type 8 -j LOG \
#    --log-prefix "Ping detected: "
$IPT -A icmp_packets -p ICMP -s 0/0 --icmp-type 8 -j ACCEPT
# comment out above and uncomment below to drop pings without logging.
#$IPT -A icmp_packets -p ICMP -s 0/0 --icmp-type 8 -j DROP




# see ping reply packets
$IPT -A icmp_packets -p ICMP -s 0/0 --icmp-type 0 -j ACCEPT




# Time Exceeded
$IPT -A icmp_packets -p ICMP -s 0/0 --icmp-type 11 -j ACCEPT




# Not matched, so return so it will be logged
$IPT -A icmp_packets -p ICMP -j RETURN




# tcp & udp
# Identify ports at:
#    http://www.chebucto.ns.ca/~rakerman/port-table.html
#    http://www.iana.org/assignments/port-numbers




#
# ADD udp-based services here
#




# udp_inbound chain
# ports you want to accept udp packets on




# netbios/samba
$IPT -A udp_inbound -p udp -s 0/0 --destination-port 137 -j ACCEPT
$IPT -A udp_inbound -p udp -s 0/0 --destination-port 138 -j ACCEPT




# Network Time Protocol (NTP) Server
$IPT -A udp_inbound -p udp -s 0/0 --destination-port 123 -j ACCEPT




# External DHCP Server
# Allow DHCP client request packets inbound from external network
$IPT -A udp_inbound -p udp -s 0/0 --source-port 68 --destination-port 67 -j ACCEPT




# DNS in
#$IPT -A udp_inbound -p udp -s 0/0 --destination-port 53 -j ACCEPT
$IPT -A udp_inbound -p udp -s 0/0 --source-port 53 -j ACCEPT




# Not matched, so return for logging
$IPT -A udp_inbound -p udp -j RETURN




# udp_outbound chain
# ports you send udp packets to




# netbios/samba
$IPT -A udp_outbound -p udp -s 0/0 --destination-port 137 -j ACCEPT
$IPT -A udp_outbound -p udp -s 0/0 --destination-port 138 -j ACCEPT




# Network Time Protocol (NTP) Server
$IPT -A udp_outbound -p udp -s 0/0 --destination-port 123 -j ACCEPT




# DHCP out
$IPT -A udp_outbound -p udp -s 0/0 --destination-port 68 -j ACCEPT




# DNS out
$IPT -A udp_outbound -p udp -s 0/0 --destination-port 53 -j ACCEPT




# No match, so ACCEPT
# make this DROP if you want to block any other outbound udp traffic
$IPT -A udp_outbound -p udp -s 0/0 -j ACCEPT




# tcp_inbound chain
#
# This chain is used to allow inbound connections to the SLUG




# smb
$IPT -A tcp_inbound -p tcp -s 0/0 --destination-port 137 -j ACCEPT
$IPT -A tcp_inbound -p tcp -s 0/0 --destination-port 139 -j ACCEPT
$IPT -A tcp_inbound -p tcp -s 0/0 --destination-port 445 -j ACCEPT




# HTTP
$IPT -A tcp_inbound -p tcp -s 0/0 --destination-port 80 -j ACCEPT




# FTP
$IPT -A tcp_inbound -p tcp -s 0/0 --destination-port ftp -j ACCEPT
# Passive
$IPT -A tcp_inbound -p tcp -s 0/0 --destination-port 33201:33210 -j ACCEPT




# Ctorrent incoming ports. Uncomment if you use ctorrent.
# $IPT -A tcp_inbound -p tcp -s 0/0 --destination-port 2706:2700 -j ACCEPT




# DNS
$IPT -A tcp_inbound -p tcp -s 0/0 --destination-port 53 -j ACCEPT




# sshd
$IPT -A tcp_inbound -p tcp -s 0/0 --destination-port 22 -j ACCEPT
# If you have 2 ssh daemons running, add the second here
# $IPT -A tcp_inbound -p tcp -s 0/0 --destination-port 999 -j ACCEPT




# telnet (not normally used in Openslug)
# $IPT -A tcp_inbound -p tcp -s 0/0 --destination-port 23 -j ACCEPT




###############################################################################
# CCCAM SECTION - These are examples!
# Change the portnumbers accordingly to your configuration!
# 12000 = Default CCcam port 
# 16001 = Default WEBINFO port
###############################################################################




# WEBINFO - Allow access to CCcam WEBINFO from the local network:
#
# In this case we use 192.168.1.x with a subnetmask of 255.255.255.0 (/24)
# Change it to your local network configuration
#
$IPT -A cccam -p tcp -s 192.168.1.0/24 					--destination-port 16001 -j ACCEPT




# SERVER - Allow acces to the CCcam server
#
# These examples will show how you can allow a hostname, ipaddress or range to connect
# to the CCcam server instance
#
$IPT -A cccam -p tcp -s 192.168.1.0/24 					--destination-port 12000 -j ACCEPT
$IPT -A cccam -p tcp -s hostname.dnsname.extension		--destination-port 12000 -j ACCEPT
$IPT -A cccam -p tcp -s 83.149.116.40					--destination-port 12000 -j ACCEPT







# SERVER - Disabled peers
#
# With this example you can block a hostname, ipaddress or range to connect to
# your server. After a firewall restart it will happen instanly.
#
$IPT -A cccam -p tcp -s badclient.domainname.extension 	 --destination-port 12000 -j DROP
$IPT -A cccam -p tcp -s 217.148.84.25					 --destination-port 12000 -j DROP




# CCcam - Default disabled
#
# Default CCCAM server and webinfo access is disabled.
#
$IPT -A cccam -p tcp -s 0/0 --destination-port 16001 -j DROP
$IPT -A cccam -p tcp -s 0/0 --destination-port 12000 -j DROP







# Not matched, so return so it will be logged
$IPT -A tcp_inbound -p tcp -j RETURN




# tcp_outbound chain
#
# This chain controlls what tcp traffic is allowed out




# http
$IPT -A tcp_outbound -p tcp -s 0/0 --destination-port 80 -j ACCEPT
# DNS
$IPT -A tcp_outbound -p tcp -s 0/0 --destination-port 53 -j ACCEPT
# sshd
$IPT -A tcp_outbound -p tcp -s 0/0 --destination-port 22 -j ACCEPT




# No match, so ACCEPT
# Note, you could make this DROP to block any other outbound traffic
$IPT -A tcp_outbound -p tcp -s 0/0 -j ACCEPT
}







process_input_chain() {
echo "Process INPUT chain ..."




# Allow all on localhost interface
$IPT -A INPUT -p ALL -i $LO_IFACE -j ACCEPT




# Drop bad packets
$IPT -A INPUT -p ALL -j bad_packets




# ******************************
# Inbound Internet Packet Rules




# packet filter accepts inbound packets that are replies to an outbound connection
# this blocks all new connection attempts except to those allowed below
$IPT -A INPUT -p tcp -i $INET_IFACE ! --syn -j ACCEPT




# Route the rest to the appropriate user chain
$IPT -A INPUT -p tcp -i $INET_IFACE -j tcp_inbound
$IPT -A INPUT -p tcp -i $INET_IFACE -j cccam
$IPT -A INPUT -p udp -i $INET_IFACE -j udp_inbound
$IPT -A INPUT -p ICMP -i $INET_IFACE -j icmp_packets




# Drop without logging broadcasts that get this far.
# Comment this line if testing new rules that impact
# broadcast protocols.
#$IPT -A INPUT -m pkttype --pkt-type broadcast -j DROP
}







process_output_chain() {
echo "Process OUTPUT chain ..."




# Generally trust the firewall on output




# Localhost
$IPT -A OUTPUT -p ALL -s $LO_IP -j ACCEPT
$IPT -A OUTPUT -p ALL -o $LO_IFACE -j ACCEPT




# If you want to block outbound connections, uncomment first section below, comment
# out second section, and add rules to tcp_outbound/udp_outbound




# To internet - filtered
#$IPT -A OUTPUT -p tcp -o $INET_IFACE -j tcp_outbound
#$IPT -A OUTPUT -p udp -o $INET_IFACE -j udp_outbound




# To internet - unfiltered
$IPT -A OUTPUT -p ALL -o $INET_IFACE -j ACCEPT
}




case "$1" in
  start)
    echo "Starting iptables firewall"
	# Only needed on NSLU2 - Disable them on regular Linux installations:
	modprobe ip_tables
	modprobe iptable_filter
	flush_existing
	create_chains
	populate_chains
	process_input_chain
	process_output_chain
	;;
  stop)
    echo "Stopping iptables firewall"
	flush_existing
	rmmod ip_tables
	rmmod iptable_filter
    echo "Firewall rules flushed"
	;;
  reload|force-reload)
    echo "Reloading iptables firewall"
	flush_existing
	create_chains
	populate_chains
	process_input_chain
	process_output_chain
	;;
  restart)
    echo "Restarting iptables firewall"
	flush_existing
	create_chains
	populate_chains
	process_input_chain
	process_output_chain
	;;
  *)
	echo "Usage: /etc/init.d/ssh {start|stop|reload|force-reload|restart}"
	exit 1
esac




exit 0

To make the firewall script start at bootup on a NSLU2, use the following command in your SSH client:

ln -s /etc/init.d/firewall /etc/rcS.d/S59firewall

To create a cronjob, run the command crontab -e and put in the following information:

15,30,45,59 * * * * /etc/init.d/firewall restart

After this, Cron will restart the firewall on 00:15, 00:30, 00:45, 00:59, 01:15, 01:30, etc, etc, etc.

Offcourse you can edit the script for use with newcs, mbox, etc, etc. Just make sure you use the correct protocols and/or portnumbers. Alternatively you can change the name of the chain (which is now cccam) to your program which you use.