From 50a095cefb5874dc181e6b7a560c948d5d5e6337 Mon Sep 17 00:00:00 2001
From: bbruns
Date: Mon, 26 Jul 2010 15:09:39 +0000
Subject: [PATCH] More updates for upcoming 0.9.4
---
 ChangeLog | 9 +++++++++
 doc/firewall-sosdg.init | 34 ++++++++++++++++++++++++++++++++++
 rc.firewall | 2 +-
 stop-firewall | 38 ++++++++++++++++++++++++++++++++++++++
 4 files changed, 82 insertions(+), 1 deletion(-)
 create mode 100644 doc/firewall-sosdg.init
 create mode 100755 stop-firewall
diff --git a/ChangeLog b/ChangeLog
index f0d7000..2549f28 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,12 @@
+0.9.4 - Brielle Bruns
+ - Initscript
+ - stop-firewall for... stopping the firewall!
+ - Code cleanups
+
+0.9.3 - Brielle Bruns
+ - Misc tweaks and reorg
+ - Custom command files
+
 0.9 - Brielle Bruns
 - Colorize output
 - Added outbound port blocking options
diff --git a/doc/firewall-sosdg.init b/doc/firewall-sosdg.init
new file mode 100644
index 0000000..9dfaaf1
--- /dev/null
+++ b/doc/firewall-sosdg.init
@@ -0,0 +1,34 @@
+#!/bin/sh
+### BEGIN INIT INFO
+# Provides: sosdg-firewall
+# Required-Start: $local_fs $network
+# Required-Stop: $local_fs $network
+# X-Start-Before:
+# X-Stop-After:
+# Default-Start: 2 3 4 5
+# Default-Stop: 0 1 6
+# Short-Description: Manage firewall status
+# Description: Manage Firewall/SOSDG status
+### END INIT INFO
+
+PATH=/bin:/sbin:/usr/bin:/usr/sbin
+FIREWALL_START=/etc/firewall-sosdg/rc.firewall
+FIREWALL_STOP=/etc/firewall-sosdg/stop-firewall
+. /lib/lsb/init-functions
+
+case "${1:-}" in
+ start)
+ log_begin_msg "Starting Firewall/SOSDG..."
+ $FIREWALL_START
+ log_end_msg $?
+ ;;
+ stop)
+ log_begin_msg "Stopping Firewall/SOSDG..."
+ $FIREWALL_STOP
+ log_end_msg $?
+ ;;
+ *)
+ log_success_msg "Usage: $0 {start|stop}"
+ exit 1
+esac
+exit 0
diff --git a/rc.firewall b/rc.firewall
index c413c29..43890a6 100755
--- a/rc.firewall
+++ b/rc.firewall
@@ -1,4 +1,4 @@
-#/bin/bash
+#/bin/sh
 # v0.9.3
 # By Brielle Bruns
 # URL: http://www.sosdg.org/freestuff/firewall
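Review bot: The `start` and `stop` arms hand `$?` to `log_end_msg`, but the script then falls through to the unconditional `exit 0` on its last line, so a failed rule load is reported to the init system as success and the host can come up without its filtering rules. Keep the status and return it, for example `$FIREWALL_START; rc=$?` followed by `log_end_msg $rc`, and finish with `exit $rc` instead of `exit 0`. Separately, `Required-Start: $network` orders this script after networking, which may leave interfaces up for a short time before any rules are loaded; it is worth confirming that ordering is intended.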
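Review bot: The replacement first line `#/bin/sh` is still missing the `!`, so it is an ordinary comment rather than an interpreter line, and which shell runs rc.firewall depends on the caller (the new init script would run it under its own `/bin/sh`). It should read `#!/bin/sh`, or `#!/bin/bash` if the body relies on bash features. The rest of the file is outside this hunk, so that needs checking before switching interpreters. The `# v0.9.3` context line also looks stale next to the new 0.9.4 ChangeLog entry.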
diff --git a/stop-firewall b/stop-firewall
new file mode 100755
index 0000000..ca3fcd6
--- /dev/null
+++ b/stop-firewall
@@ -0,0 +1,38 @@
+#!/bin/sh
+
+BASEDIR=/etc/firewall-sosdg
+#BASEDIR=`pwd`
+
+. $BASEDIR/options
+
+$IPTABLES --policy INPUT ACCEPT
+$IPTABLES --policy OUTPUT ACCEPT
+$IPTABLES --policy FORWARD ACCEPT
+
+$IPTABLES --flush &>/dev/null
+$IPTABLES -F OUTPUT &>/dev/null
+$IPTABLES -F PREROUTING &>/dev/null
+$IPTABLES -F POSTROUTING &>/dev/null
+$IPTABLES -F -t mangle &>/dev/null
+if [ $NAT ]; then
+ $IPTABLES -F -t nat &>/dev/null
+fi
+$IPTABLES -F -t raw &>/dev/null
+if [ -s "$BASEDIR/include/ipv4_custom_flush" ]; then
+ . "$BASEDIR/include/ipv4_custom_flush"
+fi
+
+if [ $IPV6 ]; then
+ $IP6TABLES --policy INPUT ACCEPT
+ $IP6TABLES --policy OUTPUT ACCEPT
+ $IP6TABLES --policy FORWARD ACCEPT
+ $IP6TABLES --flush &>/dev/null
+ $IP6TABLES -F OUTPUT &>/dev/null
+ $IP6TABLES -F PREROUTING &>/dev/null
+ $IP6TABLES -F POSTROUTING &>/dev/null
+ if [ -s "$BASEDIR/include/ipv6_custom_flush" ]; then
+ . "$BASEDIR/include/ipv6_custom_flush"
+ fi
+fi
+
+exit 0
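Review bot: Every flush line uses `&>/dev/null` under `#!/bin/sh`, but `&>` is a bash extension; a POSIX shell such as dash reads it as `cmd &` followed by an empty redirection, so the flushes run in the background with their output unsuppressed and the script can reach `exit 0` before they finish. Use the portable form on each of those lines in both the IPv4 and IPv6 sections, e.g. `$IPTABLES --flush >/dev/null 2>&1`. The tests `[ $NAT ]` and `[ $IPV6 ]` only check for a non-empty value, so a setting such as `NAT=0` in the options file (not visible here) would still take the branch; quoting and comparing against the expected value would be safer. Because the script leaves all three chains at policy ACCEPT with no rules and always exits 0, a header comment such as `# Leaves the host unfiltered: sets all policies to ACCEPT and flushes every table` would make that state explicit for operators.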