Browse Source

tags/v2.01a1
bbruns 7 years ago
parent
commit
2977b11867
1 changed files with 23 additions and 19 deletions
  1. +23
    -19
      bin/srfirewall

+ 23
- 19
bin/srfirewall View File

@@ -173,16 +173,18 @@ if [ "${EnableIPv4}" == "yes" ]; then
# customized by users in their custom rules
setup_iptables_chains ipv4
[ "${AllowAllv4Loopback}" == "yes" ] && allow_all_loopback ipv4
[ "${EnableTrustedv4Hosts}" == "yes" ] && allow_trusted_hosts ipv4
[ "${Enablev4MSSClamp}" == "yes" ] && enable_mss_clamp ipv4
[ "${DNSClientUsev4ResolvConf}" == "yes" ] && allow_resolvconf_servers ipv4
[ "${DNSClientManualv4Servers}" ] && allow_dnsclient_manual ipv4 "${DNSClientManualv4Servers}"
[ "${Enablev4EasyBlock}" == "yes" ] && enable_easyblock ipv4
[ "${Enablev4Filtering}" == "yes" ] && enable_filtering ipv4
[ "${Enablev4Services}" == "yes" ] && enable_services ipv4
[ "${Enablev4Forwarding}" == "yes" ] && enable_forwarding ipv4
[ "${Enablev4NAT}" == "yes" ] && enable_nat ipv4
[[ ${AllowAllv4Loopback} == "yes" ]] && allow_all_loopback ipv4
[[ ${EnableTrustedv4Hosts} == "yes" ] && allow_trusted_hosts ipv4
[[ ${Enablev4MSSClamp} == "yes" ]] && enable_mss_clamp ipv4
([[ ${Enablev4ConnTrackInterfaces} != "none" ]] && [[ ${Enablev4ConnectionTracking} == "yes" ]]) \
&& enable_conntrack_int ipv4 "${Enablev4ConnTrackInterfaces}"
[[ ${DNSClientUsev4ResolvConf} == "yes" ]] && allow_resolvconf_servers ipv4
[[ ${DNSClientManualv4Servers} ]] && allow_dnsclient_manual ipv4 "${DNSClientManualv4Servers}"
[[ ${Enablev4EasyBlock} == "yes" ]] && enable_easyblock ipv4
[[ ${Enablev4Filtering} == "yes" ]] && enable_filtering ipv4
[[ ${Enablev4Services} == "yes" ]] && enable_services ipv4
[[ ${Enablev4Forwarding} == "yes" ]] && enable_forwarding ipv4
[[ ${Enablev4NAT} == "yes" ]] && enable_nat ipv4
fi

@@ -195,15 +197,17 @@ if [ "${EnableIPv6}" == "yes" ]; then
# customized by users in their custom rules
setup_iptables_chains ipv6
[ "${AllowAllv6Loopback}" == "yes" ] && allow_all_loopback ipv6
[ "${EnableTrustedv6Hosts}" == "yes" ] && allow_trusted_hosts ipv6
[ "${Enablev6MSSClamp}" == "yes" ] && enable_mss_clamp ipv6
[ "${DNSClientUsev6ResolvConf}" == "yes" ] && allow_resolvconf_servers ipv6
[ "${DNSClientManualv6Servers}" ] && allow_dnsclient_manual ipv6 "${DNSClientManualv6Servers}"
[ "${Enablev6EasyBlock}" == "yes" ] && enable_easyblock ipv6
[ "${Enablev6Filtering}" == "yes" ] && enable_filtering ipv6
[ "${Enablev6Services}" == "yes" ] && enable_services ipv6
[ "${Enablev6Forwarding}" == "yes" ] && enable_forwarding ipv6
[[ ${AllowAllv6Loopback} == "yes" ]] && allow_all_loopback ipv6
[[ ${EnableTrustedv6Hosts} == "yes" ]] && allow_trusted_hosts ipv6
[[ ${Enablev6MSSClamp} == "yes" ]] && enable_mss_clamp ipv6
([[ ${Enablev6ConnTrackInterfaces} != "none" ]] && [[ ${Enablev6ConnectionTracking} == "yes" ]]) \
&& enable_conntrack_int ipv6 "${Enablev6ConnTrackInterfaces}"
[[ ${DNSClientUsev6ResolvConf} == "yes" ]] && allow_resolvconf_servers ipv6
[[ ${DNSClientManualv6Servers} ]] && allow_dnsclient_manual ipv6 "${DNSClientManualv6Servers}"
[[ ${Enablev6EasyBlock} == "yes" ]] && enable_easyblock ipv6
[[ ${Enablev6Filtering} == "yes" ]] && enable_filtering ipv6
[[ ${Enablev6Services} == "yes" ]] && enable_services ipv6
[[ ${Enablev6Forwarding} == "yes" ]] && enable_forwarding ipv6
[ "${Enablev6NAT}" == "yes" ] && enable_nat ipv6
fi


Loading…
Cancel
Save