OpenSDE
/
rocklinux
mirror of https://github.com/amery/rocklinux.git
2
0
Fork 0
Code Releases Wiki Activity
mirror of the now-defunct rocklinux.org
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
850 Commits
1 Branch
0 Tags
34 MiB
Tree: f86766e0be
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from 'f86766e0be'
${ noResults }
rocklinux/package/base/iptables/rocknet_iptables.sh

49 lines
1.0 KiB
Raw Normal View History

Integration of rock-net (0.0.3) - this is mostly tested and some cleanups need to be done - as well as a updated rock-net core is scheduled for tonight. git-svn-id: http://www.rocklinux.org/svn/rock-linux/trunk@1821 c5f82cb5-29bc-0310-9cd0-bff59a50e3bc
21 years ago
  2. iptables_init_if() {
  3. if isfirst "iptables_$if"; then
  4. addcode up 1 1 "iptables -N firewall_$if"
  5. addcode up 1 2 "iptables -A INPUT -i $if -j firewall_$if"
  6. addcode up 1 3 "iptables -A firewall_$if `
  7. `-m state --state ESTABLISHED,RELATED -j ACCEPT"
  9. addcode down 1 3 "iptables -F firewall_$if"
  10. addcode down 1 2 "iptables -D INPUT -i $if -j firewall_$if"
  11. addcode down 1 1 "iptables -X firewall_$if"
  12. fi
  13. }
  15. iptales_parse_conditions() {
  16. iptables_cond=""
  17. while [ -n "$1" ]
  18. do
  19. case "$1" in
  20. all)
  21. shift
  22. ;;
  23. tcp|udp)
  24. iptables_cond="$iptables_cond -p $1 --dport $2"
  25. shift; shift
  26. ;;
  27. ip)
  28. iptables_cond="$iptables_cond -s $2"
  29. shift; shift
  30. ;;
  31. *)
  32. error "Unkown allow/deny condition: $1"
  33. shift
  34. esac
  35. done
  36. }
  38. public_allow() {
  39. iptales_parse_conditions "$@"
  40. addcode up 1 5 "iptables -A firewall_$if $iptables_cond -j ACCEPT"
  41. iptables_init_if
  42. }
  44. public_deny() {
  45. iptales_parse_conditions "$@"
  46. addcode up 1 5 "iptables -A firewall_$if $iptables_cond -j REJECT"
  47. iptables_init_if
  48. }