about summary refs log tree commit diff stats
path: root/core/conf/rc.d/iptables
diff options
context:
space:
mode:
Diffstat (limited to 'core/conf/rc.d/iptables')
-rw-r--r--core/conf/rc.d/iptables80
1 files changed, 29 insertions, 51 deletions
diff --git a/core/conf/rc.d/iptables b/core/conf/rc.d/iptables
index f8b7881..893b087 100644
--- a/core/conf/rc.d/iptables
+++ b/core/conf/rc.d/iptables
@@ -1,55 +1,46 @@
 #!/bin/bash
 
-IPT="/usr/sbin/iptables"
-#TYPE=bridge
+. /etc/iptables/ipt-conf.sh
+. /etc/iptables/ipt-firewall.sh
+
+TYPE=bridge
 #TYPE=server
-TYPE=open
+#TYPE=open
 #TYPE=client
 
-clear_ipt() {
-
-	${IPT} -F
-	${IPT} -X
-	${IPT} -t nat -F
-	${IPT} -t nat -X
-	${IPT} -t mangle -F
-	${IPT} -t mangle -X
-	${IPT} -t raw -F
-	${IPT} -t raw -X
-	${IPT} -t security -F
-	${IPT} -t security -X
-
-}
-
 case $1 in
 	start)
             case $TYPE in
                 bridge)
-		    clear_ipt
-                    echo "setting bridge network..."
-                    echo 1 > /proc/sys/net/ipv4/ip_forward
+		    #ipt_clear
+            echo "setting bridge network..."
+            echo 1 > /proc/sys/net/ipv4/ip_forward
 
-                    ## load bridge configuration
-                    iptables-restore /etc/iptables/bridge.v4
+            ## load bridge configuration
+            #iptables-restore /etc/iptables/bridge.v4
+            #iptables-restore /etc/iptables/bridge.v6
+            bash /etc/iptables/ipt-bridge.sh
 
    		;;
 		server)
-		    clear_ipt
-                    echo "setting server network..."
-                    ## load server configuration
-                    iptables-restore /etc/iptables/server.v4
-
+		    #ipt_clear
+            echo "setting server network..."
+            ## load server configuration
+            #iptables-restore /etc/iptables/server.v4
+            #iptables-restore /etc/iptables/server.v6
+            bash /etc/iptables/ipt-server.sh
 		;;
 		client)
-		    clear_ipt
-                    echo "setting client network..."
-                    ## load client configuration
-                    iptables-restore /etc/iptables/client.v4
+		    #ipt_clear
+            echo "setting client network..."
+            ## load client configuration
+            #iptables-restore /etc/iptables/client.v4
+            bash /etc/iptables/ipt-client.sh
 		;;
 		open)
-		    clear_ipt
-                    echo "setting open network..."
-                    ## load client configuration
+		    ipt_clear
+            echo "setting open network..."
+            ## load client configuration
 
 			${IPT} -P INPUT DROP
 			${IPT} -P FORWARD DROP
@@ -65,29 +56,16 @@ case $1 in
 
 			${IPT} -A FORWARD -j LOG --log-level 7 --log-prefix "iptables: FORWARD: "
 			${IPT} -A INPUT -j LOG --log-level 7 --log-prefix "iptables: INPUT: "
-			#${IPT} -A OUTPUT -j LOG --log-level 7 --log-prefix "iptables: OUTPUT: "
-
-
 		;;
 	    esac
 	;;
         stop)
 		echo "clear all iptables tables"
-		clear_ipt
-		# Set Default Rules
-		${IPT} -P INPUT DROP
-		${IPT} -P FORWARD DROP
-		${IPT} -P OUTPUT DROP
-
-		${IPT} -A FORWARD -j LOG --log-level 7 --log-prefix "iptables: FORWARD: "
-		${IPT} -A INPUT -j LOG --log-level 7 --log-prefix "iptables: INPUT: "
-		${IPT} -A OUTPUT -j LOG --log-level 7 --log-prefix "iptables: OUTPUT: "
-
-
+		ipt_clear
+        ipt_tables
 	;;
 	restart)
-		clear_ipt
-        	$0 start
+        $0 start
         ;;
 	status)
 		${IPT} -v
generated by cgit-pink 1.4.1-2-gfad0 (git 2.36.2.497.gbbea4dcf42) at 2025-05-12 12:40:55 +0000