Ver a proveniência

These indirect variables are annoying the crap out of me. Removing them for now until I've had time to make them actually work. For now, no easily custom names for custom injection files.

tags/v2.01a1
bbruns@gmail.com há 7 anos
ascendente
cometimento
8da9f8b978
5 ficheiros alterados com 13 adições e 35 eliminações
  1. +0
    -14
      etc/ipv4/custom.conf
  2. +0
    -0
      etc/ipv4/custom/prerun.sh
  3. +0
    -14
      etc/ipv6/custom.conf
  4. +6
    -0
      etc/ipv6/custom/prerun.sh
  5. +7
    -7
      lib/iptables.inc

+ 0
- 14
etc/ipv4/custom.conf Ver ficheiro

@@ -1,14 +0,0 @@
# These are the custom files that can be used to inject rules during loading. Please don't change them
# unless you have a good reason.
# To allow variable propagation/change and some creative changes of rules that I haven't tought of,
# these files are sourced into the main file during setup of the order of chains.

$V4CUSTPREFIX="${FWPREFIX}/ipv4/"

$v4_Custom_Pre="$V4CUSTPREFIX/prerun.sh"
$v4_Custom_Trust="$V4CUSTPREFIX/trusted.sh"
$v4_Custom_EasyBlock="$V4CUSTPREFIX/easyblock.sh"
$v4_Custom_Filter="$V4CUSTPREFIX/filter.sh"
$v4_Custom_NAT="$V4CUSTPREFIX/nat.sh"
$v4_Custom_PortFw="$V4CUSTPREFIX/portfw.sh"
$v4_Custom_Post="$V4CUSTPREFIX/postrun.sh"

etc/ipv6/custom/prerules.sh → etc/ipv4/custom/prerun.sh Ver ficheiro


+ 0
- 14
etc/ipv6/custom.conf Ver ficheiro

@@ -1,14 +0,0 @@
# These are the custom files that can be used to inject rules during loading. Please don't change them
# unless you have a good reason.
# To allow variable propagation/change and some creative changes of rules that I haven't tought of,
# these files are sourced into the main file during setup of the order of chains.

$V6CUSTPREFIX="${FWPREFIX}/ipv6/"

$v6_Custom_Pre="$V6CUSTPREFIX/prerun.sh"
$v6_Custom_Trust="$V6CUSTPREFIX/trusted.sh"
$v6_Custom_EasyBlock="$V6CUSTPREFIX/easyblock.sh"
$v6_Custom_Filter="$V6CUSTPREFIX/filter.sh"
$v6_Custom_NAT="$V6CUSTPREFIX/nat.sh"
$v6_Custom_PortFw="$V6CUSTPREFIX/portfw.sh"
$v6_Custom_Post="$V6CUSTPREFIX/postrun.sh"

+ 6
- 0
etc/ipv6/custom/prerun.sh Ver ficheiro

@@ -0,0 +1,6 @@
# This file is sourced by the main srfirewall program to inject
# custom commands/rules during specific moments of the firewall
# setup.
#
# In particular this file injects/commands rules:
# Before the main chains are setup.

+ 7
- 7
lib/iptables.inc Ver ficheiro

@@ -83,23 +83,23 @@ function setup_iptables_chains {
# Set up rules - the order matters - we do it separately here
# for easy viewing of order
if [ -x ${v${IPVER}_Custom_Pre} ]; then . ${v${IPVER}_Custom_Pre}; fi
if [ -x ${FWCONFIGDIR}/ipv${IPVER}/custom/prerun.sh ]; then . ${FWCONFIGDIR}/ipv${IPVER}/custom/prerun.sh; fi
${VER_IPTABLES} -A INPUT -j ${InPreRules}
${VER_IPTABLES} -A OUTPUT -j ${OutPreRules}
if [ -x ${v${IPVER}_Custom_Trust} ]; then . ${v${IPVER}_Custom_Trust}; fi
if [ -x ${FWCONFIGDIR}/ipv${IPVER}/custom/trusted.sh ]; then . ${FWCONFIGDIR}/ipv${IPVER}/custom/trusted.sh; fi
${VER_IPTABLES} -A INPUT -j ${Trusted}
if [ -x ${v${IPVER}_Custom_EasyBlock} ]; then . ${v${IPVER}_Custom_EasyBlock}; fi
if [ -x ${FWCONFIGDIR}/ipv${IPVER}/custom/easyblock.sh ]; then . ${FWCONFIGDIR}/ipv${IPVER}/custom/easyblock.sh; fi
${VER_IPTABLES} -A INPUT -j ${InEasyBlock}
${VER_IPTABLES} -A OUTPUT -j ${OutEasyBlock}
if [ -x ${v${IPVER}_Custom_Filter} ]; then . ${v${IPVER}_Custom_Filter}; fi
if [ -x ${FWCONFIGDIR}/ipv${IPVER}/custom/filter.sh ]; then . ${FWCONFIGDIR}/ipv${IPVER}/custom/filter.sh; fi
${VER_IPTABLES} -A INPUT -j ${InFilter}
${VER_IPTABLES} -A OUTPUT -j ${OutFilter}
${VER_IPTABLES} -A FORWARD -j ${FwdFilter}
if [ -x ${v${IPVER}_Custom_NAT} ]; then . ${v${IPVER}_Custom_NAT}; fi
if [ -x ${FWCONFIGDIR}/ipv${IPVER}/custom/nat.sh ]; then . ${FWCONFIGDIR}/ipv${IPVER}/custom/nat.sh; fi
${VER_IPTABLES} -A POSTROUTING -j ${NAT}
if [ -x ${v${IPVER}_Custom_PortFw} ]; then . ${v${IPVER}_Custom_PortFw}; fi
if [ -x ${FWCONFIGDIR}/ipv${IPVER}/custom/portfw.sh ]; then . ${FWCONFIGDIR}/ipv${IPVER}/custom/portfw.sh; fi
${VER_IPTABLES} -A PREROUTING -j ${PortForward}
if [ -x ${v${IPVER}_Custom_Post} ]; then . ${v${IPVER}_Custom_Post}; fi
if [ -x ${FWCONFIGDIR}/ipv${IPVER}/custom/postrun.sh ]; then . ${FWCONFIGDIR}/ipv${IPVER}/custom/postrun.sh; fi
${VER_IPTABLES} -A INPUT -j ${InPostRules}
${VER_IPTABLES} -A OUTPUT -j ${OutPostRules}
}

Carregando…
Cancelar
Guardar