added a drop keyword for the iptables (should we rename allow into accept and

deny to reject?


git-svn-id: http://www.rocklinux.org/svn/rock-linux/trunk@1848 c5f82cb5-29bc-0310-9cd0-bff59a50e3bc

package/base/iptables/rocknet_iptables.sh

@@ -29,7 +29,7 @@ iptales_parse_conditions() {
 			shift; shift
 			;;
 		    *)
-			error "Unkown allow/deny condition: $1"
+			error "Unkown allow/deny/drop condition: $1"
 			shift
 		esac
 	done
@@ -47,3 +47,9 @@ public_deny() {
 	iptables_init_if
 }
 
+public_drop() {
+	iptales_parse_conditions "$@"
+	addcode up 1 5 "iptables -A firewall_$if $iptables_cond -j DROP"
+	iptables_init_if
+}
+