Mercurial > mbse-firewall / file comparison
comparison: sbin/mbse-firewall
sbin/mbse-firewall
- changeset 8
- c8e957eb1b36
- parent 7
- c846ebedfff3
- child 9
- 2e298d35241f
equal
deleted
inserted
replaced
| 7:c846ebedfff3 | 8:c8e957eb1b36 |
|---|---|
| 20 # You should have received a copy of the GNU General Public License | 20 # You should have received a copy of the GNU General Public License |
| 21 # along with this program; see the file COPYING. If not, write to the Free | 21 # along with this program; see the file COPYING. If not, write to the Free |
| 22 # Software Foundation, 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA. | 22 # Software Foundation, 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA. |
| 23 # --------------------------------------------------------------------------- | 23 # --------------------------------------------------------------------------- |
| 24 | 24 |
| 25 MBSEFW_VERSION="0.0.18" | 25 MBSEFW_VERSION="0.0.19" |
| 26 | 26 |
| 27 # Sanity checks | 27 # Sanity checks |
| 28 if [ "$(id -u)" != "0" ]; then | 28 if [ "$(id -u)" != "0" ]; then |
| 29 echo "** You must be root to run this program" | 29 echo "** You must be root to run this program" |
| 30 exit 1 | 30 exit 1 |
| 276 echo -n "." | 276 echo -n "." |
| 277 fi | 277 fi |
| 278 | 278 |
| 279 # If we use the global blocktables. | 279 # If we use the global blocktables. |
| 280 if [ "$IF_EXT_GLOBAL_BLOCK" == "1" ]; then | 280 if [ "$IF_EXT_GLOBAL_BLOCK" == "1" ]; then |
| 281 $IPTABLES -A INPUT -i $IF_EXT -m state --state NEW -m set --match-set global-blk4 src -j DROP | 281 $IPTABLES -A INPUT -i $IF_EXT -m set --match-set global-blk4 src -j DROP |
| 282 if [ "$FW_FORWARD" = "1" ]; then | 282 if [ "$FW_FORWARD" = "1" ]; then |
| 283 $IPTABLES -A FORWARD -i $IF_EXT -m state --state NEW -m set --match-set global-blk4 src -j DROP | 283 $IPTABLES -A FORWARD -i $IF_EXT -m set --match-set global-blk4 src -j DROP |
| 284 fi | 284 fi |
| 285 if [ "$USE_IPV6" == "1" ]; then | 285 if [ "$USE_IPV6" == "1" ]; then |
| 286 if [ -n "$IF_EXT6" ]; then | 286 if [ -n "$IF_EXT6" ]; then |
| 287 IF6=$IF_EXT6 | 287 IF6=$IF_EXT6 |
| 288 else | 288 else |
| 289 IF6=$IF_EXT | 289 IF6=$IF_EXT |
| 290 fi | 290 fi |
| 291 $IP6TABLES -A INPUT -i $IF6 -m state --state NEW -m set --match-set global-blk6 src -j DROP | 291 $IP6TABLES -A INPUT -i $IF6 -m set --match-set global-blk6 src -j DROP |
| 292 if [ "$FW_FORWARD" = "1" ]; then | 292 if [ "$FW_FORWARD" = "1" ]; then |
| 293 $IP6TABLES -A FORWARD -i $IF6 -m state --state NEW -m set --match-set global-blk6 src -j DROP | 293 $IP6TABLES -A FORWARD -i $IF6 -m set --match-set global-blk6 src -j DROP |
| 294 fi | 294 fi |
| 295 fi | 295 fi |
| 296 echo -n "." | 296 echo -n "." |
| 297 fi | 297 fi |
| 298 | 298 |
