iptables update

author: Silvino Silva <silvino@bk.ru> 2020-02-28 02:44:43 +0000
committer: Silvino Silva <silvino@bk.ru> 2020-02-28 02:44:43 +0000
commit: a9baa2eedb483d413fbfd2f775d2e8dec3da728c (patch)
tree: 0ec03e72e007eb7a7aef95c889357af15defb8cb /core/conf/rc.d/iptables
parent: 581bdfbf84c80acfd43c56be09aea759a6d3dccd (diff)
download: doc-a9baa2eedb483d413fbfd2f775d2e8dec3da728c.tar.gz
1 files changed, 5 insertions, 54 deletions
diff --git a/core/conf/rc.d/iptables b/core/conf/rc.d/iptables
index a2ecaf2..c2061db 100644
--- a/core/conf/rc.d/iptables
+++ b/core/conf/rc.d/iptables
@@ -1,68 +1,19 @@
 #!/bin/bash
 
-. /etc/iptables/ipt-firewall.sh
-
 case $1 in
 	start)
-            case $TYPE in
-                bridge)
-		    #ipt_clear
-            echo "setting bridge network..."
-            echo 1 > /proc/sys/net/ipv4/ip_forward
-
-            ## load bridge configuration
-            #iptables-restore /etc/iptables/bridge.v4
-            #iptables-restore /etc/iptables/bridge.v6
-            bash /etc/iptables/ipt-bridge.sh
-
-   		;;
-		server)
-		    #ipt_clear
-            echo "setting server network..."
-            ## load server configuration
-            #iptables-restore /etc/iptables/server.v4
-            #iptables-restore /etc/iptables/server.v6
-            bash /etc/iptables/ipt-server.sh
-		;;
-		client)
-		    #ipt_clear
-            echo "setting client network..."
-            ## load client configuration
-            #iptables-restore /etc/iptables/client.v4
-            bash /etc/iptables/ipt-client.sh
-		;;
-		open)
-		    ipt_clear
-            echo "setting open network..."
-            ## load client configuration
-
-			${IPT} -P INPUT DROP
-			${IPT} -P FORWARD DROP
-			${IPT} -P OUTPUT ACCEPT
-
-			${IPT} -A INPUT -i lo -s 127.0.0.0/8 -d 127.0.0.0/8 -j ACCEPT
-			${IPT} -A OUTPUT -o lo -s 127.0.0.0/8 -d 127.0.0.0/8 -j ACCEPT
-
-			${IPT} -A INPUT -p tcp --dport 1024:65535 -m state --state ESTABLISHED,RELATED -j ACCEPT
-			${IPT} -A INPUT -p udp --dport 1024:65535 -m state --state ESTABLISHED,RELATED -j ACCEPT
-
-			${IPT} -A OUTPUT  -j ACCEPT
-
-			${IPT} -A FORWARD -j LOG --log-level 7 --log-prefix "iptables: FORWARD: "
-			${IPT} -A INPUT -j LOG --log-level 7 --log-prefix "iptables: INPUT: "
-		;;
-	    esac
+	    echo "clear all iptables tables"
+            bash /etc/iptables/ipt-start.sh
 	;;
         stop)
-		echo "clear all iptables tables"
-		ipt_clear
-        ipt_tables
+	    echo "clear all iptables tables"
+            bash /etc/iptables/ipt-stop.sh
 	;;
 	restart)
         $0 start
         ;;
 	status)
-		${IPT} -v
+		/usr/sbin/iptables -v
 	;;
 	*)
 	    echo "Usage: $0 [start|stop]"
author	Silvino Silva <silvino@bk.ru>	2020-02-28 02:44:43 +0000
committer	Silvino Silva <silvino@bk.ru>	2020-02-28 02:44:43 +0000
commit	a9baa2eedb483d413fbfd2f775d2e8dec3da728c (patch)
tree	0ec03e72e007eb7a7aef95c889357af15defb8cb /core/conf/rc.d/iptables
parent	581bdfbf84c80acfd43c56be09aea759a6d3dccd (diff)
download	doc-a9baa2eedb483d413fbfd2f775d2e8dec3da728c.tar.gz