More updates for upcoming 0.9.4

master
bbruns 2010-07-26 15:09:39 +00:00
parent b86926bd13
commit 50a095cefb
4 changed files with 82 additions and 1 deletions


@ -1,3 +1,12 @@
0.9.4 - Brielle Bruns <bruns@2mbit.com>
- Initscript
- stop-firewall for... stopping the firewall!
- Code cleanups
0.9.3 - Brielle Bruns <bruns@2mbit.com>
- Misc tweaks and reorg
- Custom command files
0.9 - Brielle Bruns <bruns@2mbit.com>
- Colorize output
- Added outbound port blocking options

34
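--- a/doc/firewall-sosdg.init
+++ b/doc/firewall-sosdg.init
@@ -0,0 +1,34 @@
+#!/bin/sh
+### BEGIN INIT INFO
+# Provides: sosdg-firewall
+# Required-Start: $local_fs $network
+# Required-Stop: $local_fs $network
+# X-Start-Before:
+# X-Stop-After:
+# Default-Start: 2 3 4 5
+# Default-Stop: 0 1 6
+# Short-Description: Manage firewall status
+# Description: Manage Firewall/SOSDG status
+### END INIT INFO
+PATH=/bin:/sbin:/usr/bin:/usr/sbin
+FIREWALL_START=/etc/firewall-sosdg/rc.firewall
+FIREWALL_STOP=/etc/firewall-sosdg/stop-firewall
+. /lib/lsb/init-functions
+case "${1:-}" in
+start)
+log_begin_msg "Starting Firewall/SOSDG..."
+$FIREWALL_START
+log_end_msg $?
+;;
+stop)
+log_begin_msg "Stopping Firewall/SOSDG..."
+$FIREWALL_STOP
+log_end_msg $?
+;;
+*)
+log_success_msg "Usage: $0 {start|stop}"
+exit 1
+esac
+exit 0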
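Review bot: The exit status of the firewall scripts is lost in both the `start)` and `stop)` arms, because `log_end_msg $?` only reports it and control then falls through to the final `exit 0`. A failed rule load is therefore returned to init as success, and the host can come up unfiltered without the boot sequence or any monitoring noticing. Capture and propagate the status in each arm, e.g. `rc=$?; log_end_msg $rc; exit $rc`. The usage arm exits 1 but prints through `log_success_msg`; `log_failure_msg` would match the exit code.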


@ -1,4 +1,4 @@
#/bin/bash
#/bin/sh
# v0.9.3
# By Brielle Bruns <bruns@2mbit.com>
# URL: http://www.sosdg.org/freestuff/firewall
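Review bot: Neither `#/bin/bash` nor `#/bin/sh` on the first line is a shebang: both lack the `!`, so the kernel reads the line as an ordinary comment and the interpreter is chosen by whoever executes the file. The init script added in this commit runs the file directly as `$FIREWALL_START`, which presumably means it ends up interpreted by the calling `/bin/sh`. If the script depends on bash features the first line should be `#!/bin/bash`, otherwise `#!/bin/sh`; the body of the file is outside this hunk, so which one is correct cannot be confirmed from here.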

38
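--- a/stop-firewall
+++ b/stop-firewall
@@ -0,0 +1,38 @@
+#!/bin/sh
+BASEDIR=/etc/firewall-sosdg
+#BASEDIR=`pwd`
+. $BASEDIR/options
+$IPTABLES --policy INPUT ACCEPT
+$IPTABLES --policy OUTPUT ACCEPT
+$IPTABLES --policy FORWARD ACCEPT
+$IPTABLES --flush &>/dev/null
+$IPTABLES -F OUTPUT &>/dev/null
+$IPTABLES -F PREROUTING &>/dev/null
+$IPTABLES -F POSTROUTING &>/dev/null
+$IPTABLES -F -t mangle &>/dev/null
+if [ $NAT ]; then
+$IPTABLES -F -t nat &>/dev/null
+fi
+$IPTABLES -F -t raw &>/dev/null
+if [ -s "$BASEDIR/include/ipv4_custom_flush" ]; then
+. "$BASEDIR/include/ipv4_custom_flush"
+fi
+if [ $IPV6 ]; then
+$IP6TABLES --policy INPUT ACCEPT
+$IP6TABLES --policy OUTPUT ACCEPT
+$IP6TABLES --policy FORWARD ACCEPT
+$IP6TABLES --flush &>/dev/null
+$IP6TABLES -F OUTPUT &>/dev/null
+$IP6TABLES -F PREROUTING &>/dev/null
+$IP6TABLES -F POSTROUTING &>/dev/null
+if [ -s "$BASEDIR/include/ipv6_custom_flush" ]; then
+. "$BASEDIR/include/ipv6_custom_flush"
+fi
+fi
+exit 0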
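Review bot: `&>/dev/null` is a bash extension, but the script is declared `#!/bin/sh`. A strictly POSIX shell such as dash parses `cmd &>/dev/null` as `cmd &` followed by an empty redirection, so every flush from `$IPTABLES --flush` onward would run in the background with its output unsuppressed, and the final `exit 0` can be reached before the flushes finish. Use the portable form on each of those lines, e.g. `$IPTABLES --flush >/dev/null 2>&1`. Since the three `--policy ... ACCEPT` lines leave the host fully open, a header comment such as `# Leaves every chain at policy ACCEPT: the host is unfiltered after this runs` would stop operators from treating "stop" as a safe state.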