Browse Source

Add before/after run commands

master
Brielle Bruns 6 months ago
parent
commit
b19d4156d2

+ 3
- 0
CHANGELOG View File

@@ -1,3 +1,6 @@
1
+2.1 Beta 1 - 11/19/2018
2
+	- Add run-after  and run-before rules (custom/runafter.sh and custom/runbefore.sh)
3
+
1 4
 2.1 Alpha 3 - 04/25/2016
2 5
 	- Fix issue with erasing variables in two different setups
3 6
 	- mss clamp fix for fwd target

+ 12
- 0
bin/srfirewall View File

@@ -174,6 +174,10 @@ fi
174 174
 
175 175
 # Do IPv4 IPTables Rules
176 176
 if [ "${EnableIPv4}" == "yes" ]; then
177
+
178
+	# Commands to run before everything else
179
+	if [ -x ${FWCONFIGDIR}/ipv4/custom/runbefore.sh ]; then . ${FWCONFIGDIR}/ipv4/custom/runbefore.sh; fi
180
+	
177 181
 	# First flush all rules
178 182
 	iptables_rules_flush ipv4
179 183
 	
@@ -203,10 +207,16 @@ if [ "${EnableIPv4}" == "yes" ]; then
203 207
 	[[ ${Enablev4NAT} == "yes" ]] && enable_nat ipv4
204 208
 	[[ ${Enablev4PortForwarding} == "yes" ]] && enable_portfw ipv4
205 209
 	
210
+	# Commands to run after everything else
211
+	if [ -x ${FWCONFIGDIR}/ipv4/custom/runafter.sh ]; then . ${FWCONFIGDIR}/ipv4/custom/runafter.sh; fi
212
+	
206 213
 fi
207 214
 
208 215
 # Do IPv6 IPTables Rules
209 216
 if [ "${EnableIPv6}" == "yes" ]; then
217
+	# Commands to run before everything else
218
+	if [ -x ${FWCONFIGDIR}/ipv6/custom/runbefore.sh ]; then . ${FWCONFIGDIR}/ipv6/custom/runbefore.sh; fi
219
+	
210 220
 	# First flush all rules
211 221
 	iptables_rules_flush ipv6
212 222
 	
@@ -237,5 +247,7 @@ if [ "${EnableIPv6}" == "yes" ]; then
237 247
 	[[ ${Enablev6NAT} == "yes" ]] && enable_nat ipv6
238 248
 	[[ ${Enablev6PortForwarding} == "yes" ]] && enable_portfw ipv6
239 249
 	[[ ${EnableSysctlTweaks} == "yes" ]] && sysctl_tweaks
250
+	# Commands to run after everything else
251
+	if [ -x ${FWCONFIGDIR}/ipv6/custom/runafter.sh ]; then . ${FWCONFIGDIR}/ipv6/custom/runafter.sh; fi
240 252
 fi
241 253
 

+ 6
- 0
etc/ipv4/custom/runafter.sh View File

@@ -0,0 +1,6 @@
1
+# This file is sourced by the main srfirewall program to inject
2
+# custom commands/rules during specific moments of the firewall
3
+# setup.
4
+#
5
+# In particular this file injects/commands rules:
6
+# After all other things are done when the script loads

+ 6
- 0
etc/ipv4/custom/runbefore.sh View File

@@ -0,0 +1,6 @@
1
+# This file is sourced by the main srfirewall program to inject
2
+# custom commands/rules during specific moments of the firewall
3
+# setup.
4
+#
5
+# In particular this file injects/commands rules:
6
+# Before all other things are done when the script loads

+ 6
- 0
etc/ipv6/custom/runafter.sh View File

@@ -0,0 +1,6 @@
1
+# This file is sourced by the main srfirewall program to inject
2
+# custom commands/rules during specific moments of the firewall
3
+# setup.
4
+#
5
+# In particular this file injects/commands rules:
6
+# After all other things are done when the script loads

+ 6
- 0
etc/ipv6/custom/runbefore.sh View File

@@ -0,0 +1,6 @@
1
+# This file is sourced by the main srfirewall program to inject
2
+# custom commands/rules during specific moments of the firewall
3
+# setup.
4
+#
5
+# In particular this file injects/commands rules:
6
+# Before all other things are done when the script loads

Loading…
Cancel
Save