Hosts blocked by the ipset global tables are now stateless blocked. Version 0.0.19.

Sun, 19 Apr 2015 11:13:22 +0200

author
Michiel Broek <mbroek@mbse.eu>
date
Sun, 19 Apr 2015 11:13:22 +0200
changeset 8
c8e957eb1b36
parent 7
c846ebedfff3
child 9
2e298d35241f

Hosts blocked by the ipset global tables are now blocked statelessly. Version 0.0.19.

--- a/sbin/mbse-firewall	Mon Apr 13 17:22:53 2015 +0200
+++ b/sbin/mbse-firewall	Sun Apr 19 11:13:22 2015 +0200
@@ -22,7 +22,7 @@
 # Software Foundation, 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA.
 # ---------------------------------------------------------------------------
 
-MBSEFW_VERSION="0.0.18"
+MBSEFW_VERSION="0.0.19"
 
 # Sanity checks
 if [ "$(id -u)" != "0" ]; then
@@ -278,9 +278,9 @@
 
   # If we use the global blocktables.
   if [ "$IF_EXT_GLOBAL_BLOCK" == "1" ]; then
-    $IPTABLES -A INPUT -i $IF_EXT -m state --state NEW -m set --match-set global-blk4 src -j DROP
+    $IPTABLES -A INPUT -i $IF_EXT -m set --match-set global-blk4 src -j DROP
     if [ "$FW_FORWARD" = "1" ]; then
-      $IPTABLES -A FORWARD -i $IF_EXT -m state --state NEW -m set --match-set global-blk4 src -j DROP
+      $IPTABLES -A FORWARD -i $IF_EXT -m set --match-set global-blk4 src -j DROP
     fi
     if [ "$USE_IPV6" == "1" ]; then
       if [ -n "$IF_EXT6" ]; then
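Review bot: Nothing in these `-A INPUT` / `-A FORWARD` rules shows where they land relative to an ESTABLISHED,RELATED accept, and with `--state NEW` gone that ordering now decides whether a freshly listed host loses its open sessions; if such an accept is appended earlier in the script, the drop is still effectively NEW-only. A comment above the block would pin the intent, e.g. `# Stateless on purpose: keep ahead of any ESTABLISHED,RELATED accept so listed hosts lose open sessions too.` The same applies to the global-blk6 rules in the next hunk. Replies from listed hosts to connections opened from the inside are now dropped as well, so local clients will see timeouts; that is worth a line in the changelog. The enclosing block starts before this hunk and continues past it.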
@@ -288,9 +288,9 @@
       else
         IF6=$IF_EXT
       fi
-      $IP6TABLES -A INPUT -i $IF6 -m state --state NEW -m set --match-set global-blk6 src -j DROP
+      $IP6TABLES -A INPUT -i $IF6 -m set --match-set global-blk6 src -j DROP
       if [ "$FW_FORWARD" = "1" ]; then
-        $IP6TABLES -A FORWARD -i $IF6 -m state --state NEW -m set --match-set global-blk6 src -j DROP
+        $IP6TABLES -A FORWARD -i $IF6 -m set --match-set global-blk6 src -j DROP
       fi
     fi
     echo -n "."
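Review bot: The `$IP6TABLES` rules on `$IF6` now match every packet whose source is in global-blk6, including ICMPv6 such as neighbour discovery, which a `--state NEW` match may not have caught. If an on-link or link-local address can ever end up in that set, address resolution on the external interface would break; presumably the set only holds remote addresses, but that is not visible here. A comment such as `# global-blk6 must never contain link-local or on-link addresses: this drop also hits ICMPv6/ND.` would record the constraint. The enclosing block starts in the previous hunk.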
