Browse Source

tags/v2.01a1
bbruns@gmail.com 7 years ago
parent
commit
5eaef26f04
5 changed files with 10 additions and 17 deletions
  1. +9
    -1
      etc/ipv4.conf
  2. +0
    -6
      etc/ipv4/custom/trusted.sh
  3. +1
    -0
      etc/ipv6.conf
  4. +0
    -6
      etc/ipv6/custom/trusted.sh
  5. +0
    -4
      lib/iptables.inc

+ 9
- 1
etc/ipv4.conf View File

@@ -4,4 +4,12 @@
# Allow everything over loopback (lo/127.0.0.0/8)
# Good idea to keep this turned on, but if you so wish to,
# you can disable it here.
AllowAllv4Loopback="yes"
# Values: no | yes (default)
AllowAllv4Loopback="yes"

# Very early on rules to allow for trusted machines to access
# this machine. Rather important and helps keep you from getting
# locked out should the firewalling rules go bad.
# Config file is located in ipv4/trusted.conf
# Values: no | yes (default)
EnableTrustedv4Hosts="yes"

+ 0
- 6
etc/ipv4/custom/trusted.sh View File

@@ -1,6 +0,0 @@
# This file is sourced by the main srfirewall program to inject
# custom commands/rules during specific moments of the firewall
# setup.
#
# In particular this file injects/commands rules:
# Before the trusted chains are set up

+ 1
- 0
etc/ipv6.conf View File

@@ -4,4 +4,5 @@
# Allow everything over loopback (lo ::1/28)
# Good idea to keep this turned on, but if you so wish to,
# you can disable it here.
# Values: no | yes (default)
AllowAllv6Loopback="yes"

+ 0
- 6
etc/ipv6/custom/trusted.sh View File

@@ -1,6 +0,0 @@
# This file is sourced by the main srfirewall program to inject
# custom commands/rules during specific moments of the firewall
# setup.
#
# In particular this file injects/commands rules:
# Before the trusted chains are set up

+ 0
- 4
lib/iptables.inc View File

@@ -78,7 +78,6 @@ function setup_iptables_chains {
${display} GREEN "Setting up chains for ${IP_VERSION}..."
${VER_IPTABLES} -N ${InPreRules}
${VER_IPTABLES} -N ${OutPreRules}
${VER_IPTABLES} -N ${Trusted}
${VER_IPTABLES} -N ${InEasyBlock}
${VER_IPTABLES} -N ${OutEasyBlock}
${VER_IPTABLES} -N ${InFilter}
@@ -96,9 +95,6 @@ function setup_iptables_chains {
${VER_IPTABLES} -A INPUT -j ${InPreRules}
${debug} ${DebugColor} "Setting up OutPreRules"
${VER_IPTABLES} -A OUTPUT -j ${OutPreRules}
if [ -x ${FWCONFIGDIR}/ipv${IPVER}/custom/trusted.sh ]; then . ${FWCONFIGDIR}/ipv${IPVER}/custom/trusted.sh; fi
${debug} ${DebugColor} "Setting up Trusted"
${VER_IPTABLES} -A INPUT -j ${Trusted}
if [ -x ${FWCONFIGDIR}/ipv${IPVER}/custom/easyblock.sh ]; then . ${FWCONFIGDIR}/ipv${IPVER}/custom/easyblock.sh; fi
${debug} ${DebugColor} "Setting up InEasyBlock"
${VER_IPTABLES} -A INPUT -j ${InEasyBlock}


Loading…
Cancel
Save