Diffstat (limited to 'core/conf/rc.d/iptables')
-rw-r--r-- | core/conf/rc.d/iptables | 59 |
1 files changed, 5 insertions, 54 deletions
diff --git a/core/conf/rc.d/iptables b/core/conf/rc.d/iptables index a2ecaf2..c2061db 100644 --- a/core/conf/rc.d/iptables +++ b/core/conf/rc.d/iptables @@ -1,68 +1,19 @@ #!/bin/bash -. /etc/iptables/ipt-firewall.sh - case $1 in start) - case $TYPE in - bridge) - #ipt_clear - echo "setting bridge network..." - echo 1 > /proc/sys/net/ipv4/ip_forward - - ## load bridge configuration - #iptables-restore /etc/iptables/bridge.v4 - #iptables-restore /etc/iptables/bridge.v6 - bash /etc/iptables/ipt-bridge.sh - - ;; - server) - #ipt_clear - echo "setting server network..." - ## load server configuration - #iptables-restore /etc/iptables/server.v4 - #iptables-restore /etc/iptables/server.v6 - bash /etc/iptables/ipt-server.sh - ;; - client) - #ipt_clear - echo "setting client network..." - ## load client configuration - #iptables-restore /etc/iptables/client.v4 - bash /etc/iptables/ipt-client.sh - ;; - open) - ipt_clear - echo "setting open network..." - ## load client configuration - - ${IPT} -P INPUT DROP - ${IPT} -P FORWARD DROP - ${IPT} -P OUTPUT ACCEPT - - ${IPT} -A INPUT -i lo -s 127.0.0.0/8 -d 127.0.0.0/8 -j ACCEPT - ${IPT} -A OUTPUT -o lo -s 127.0.0.0/8 -d 127.0.0.0/8 -j ACCEPT - - ${IPT} -A INPUT -p tcp --dport 1024:65535 -m state --state ESTABLISHED,RELATED -j ACCEPT - ${IPT} -A INPUT -p udp --dport 1024:65535 -m state --state ESTABLISHED,RELATED -j ACCEPT - - ${IPT} -A OUTPUT -j ACCEPT - - ${IPT} -A FORWARD -j LOG --log-level 7 --log-prefix "iptables: FORWARD: " - ${IPT} -A INPUT -j LOG --log-level 7 --log-prefix "iptables: INPUT: " - ;; - esac + echo "clear all iptables tables" + bash /etc/iptables/ipt-start.sh ;; stop) - echo "clear all iptables tables" - ipt_clear - ipt_tables + echo "clear all iptables tables" + bash /etc/iptables/ipt-stop.sh ;; restart) $0 start ;; status) - ${IPT} -v + /usr/sbin/iptables -v ;; *) echo "Usage: $0 [start|stop]" |
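Review bot: The new `start)` and `stop)` arms run `bash /etc/iptables/ipt-start.sh` and `bash /etc/iptables/ipt-stop.sh` without checking the result, so a missing or failing helper produces no error from this script and the host can come up with whatever rules and chain policies happened to be in place. Report the failure explicitly, e.g. `bash /etc/iptables/ipt-start.sh || { echo "iptables: ipt-start.sh failed" >&2; exit 1; }`, and do the same for the stop helper. The `start)` arm also prints `clear all iptables tables`, which looks copied from `stop)` and will mislead anyone reading boot logs; `echo "loading iptables rules"` would match what the arm does. In `status)`, `/usr/sbin/iptables -v` passes only the verbose flag with no command, so it prints an error rather than the ruleset; `/usr/sbin/iptables -L -n -v` is probably what was meant. The `case` statement closes outside the hunk.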