More work on custom rules files.

master
bbruns 2010-07-15 05:20:44 +00:00
parent 7124d93bfb
commit 6b9a442edf
12 changed files with 7 additions and 10 deletions

7
include/README Normal file

@ -0,0 +1,7 @@
In this directory, you can create the following filenames to add
custom rules at each section of the firewall script:
ipv4_custom_allowedports ipv4_custom_mssclamp ipv4_custom_proto
ipv4_custom_blockincoming ipv4_custom_nat ipv4_custom_routing
ipv4_custom_blockports ipv4_custom_notrack
ipv4_custom_conntrack ipv4_custom_portforward


@ -64,7 +64,6 @@ fi
if [ -s "$BASEDIR/include/ipv4_custom_mssclamp" ]; then
echo -e "\E[33mLoading custom MSS Clamp rules...\E[37m"
. "$BASEDIR/include/ipv4_custom_mssclamp"
echo -ne "\n"
fi
if [ "$CLAMPMSS" ]; then
@ -93,7 +92,6 @@ $IPTABLES -A INPUT -j DROP -p udp --dport domain -m u32 --u32 \
if [ -s "$BASEDIR/include/ipv4_custom_conntrack" ]; then
echo -e "\E[33mLoading custom conntrack rules...\E[37m"
. "$BASEDIR/include/ipv4_custom_conntrack"
echo -ne "\n"
fi
if [ $CONNTRACK ]; then
@ -111,7 +109,6 @@ fi
if [ -s "$BASEDIR/include/ipv4_custom_blockports" ]; then
echo -e "\E[33mLoading custom blocked port rules...\E[37m"
. "$BASEDIR/include/ipv4_custom_blockports"
echo -ne "\n"
fi
if [ "$BLOCKTCPPORTS" ] || [ "$BLOCKUDPPORTS" ]; then
@ -145,7 +142,6 @@ fi
if [ -s "$BASEDIR/include/ipv4_custom_allowedports" ]; then
echo -e "\E[33mLoading custom allowed port rules...\E[37m"
. "$BASEDIR/include/ipv4_custom_allowedports"
echo -ne "\n"
fi
if [ "$TCPPORTS" ] || [ "$UDPPORTS" ]; then
@ -174,7 +170,6 @@ fi
if [ -s "$BASEDIR/include/ipv4_custom_proto" ]; then
echo -e "\E[33mLoading custom protocol rules...\E[37m"
. "$BASEDIR/include/ipv4_custom_proto"
echo -ne "\n"
fi
if [ "$ALLOWEDPROTO" ]; then
@ -191,7 +186,6 @@ fi
if [ -s "$BASEDIR/include/ipv4_custom_notrack" ]; then
echo -e "\E[33mLoading custom NOTRACK rules...\E[37m"
. "$BASEDIR/include/ipv4_custom_notrack"
echo -ne "\n"
fi
if [ $CONNTRACK ]; then
@ -207,7 +201,6 @@ fi
if [ -s "$BASEDIR/include/ipv4_custom_routing" ]; then
echo -e "\E[33mLoading custom routing rules...\E[37m"
. "$BASEDIR/include/ipv4_custom_routing"
echo -ne "\n"
fi
if [ $ROUTING ]; then
@ -242,7 +235,6 @@ fi
if [ -s "$BASEDIR/include/ipv4_custom_portforward" ]; then
echo -e "\E[33mLoading custom port forwarding rules...\E[37m"
. "$BASEDIR/include/ipv4_custom_portforward"
echo -ne "\n"
fi
if [ $PORTFW ] && [ $NAT ]; then
@ -267,7 +259,6 @@ fi
if [ -s "$BASEDIR/include/ipv4_custom_nat" ]; then
echo -e "\E[33mLoading custom nat rules...\E[37m"
. "$BASEDIR/include/ipv4_custom_nat"
echo -ne "\n"
fi
if [ $NAT ]; then
@ -289,7 +280,6 @@ $IPTABLES --policy FORWARD DROP
if [ -s "$BASEDIR/include/ipv4_custom_blockincoming" ]; then
echo -e "\E[33mLoading custom incoming blocked rules...\E[37m"
. "$BASEDIR/include/ipv4_custom_blockincoming"
echo -ne "\n"
fi
if [ $BLOCKINCOMING ]; then
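Review bot: Each of the ten `. "$BASEDIR/include/ipv4_custom_*"` lines in this file runs the include file as shell code after checking only `-s` (exists and is non-empty), so any account that can write to that directory gets its code executed with the firewall script's privileges, presumably root since the script calls `$IPTABLES`. I would extend the guard to check ownership and mode before sourcing, for example `[ -s "$f" ] && [ -n "$(find "$f" -user root ! -perm -020 ! -perm -002)" ]` with `f` set to the include path, and print a warning and skip the file otherwise. The same check belongs on the `include` directory itself. The README added in this commit should state that these files are sourced as shell and must be root-owned and not writable by group or others. The ten blocks differ only in file name and message, so a single helper function would keep the check in one place; the `if [ ... ]; then` blocks that follow each of them continue outside the hunks.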