Browse Source

Add before/after run commands

tags/2.1
Brielle Bruns 2 years ago
parent
commit
b19d4156d2
6 changed files with 39 additions and 0 deletions
  1. +3
    -0
      CHANGELOG
  2. +12
    -0
      bin/srfirewall
  3. +6
    -0
      etc/ipv4/custom/runafter.sh
  4. +6
    -0
      etc/ipv4/custom/runbefore.sh
  5. +6
    -0
      etc/ipv6/custom/runafter.sh
  6. +6
    -0
      etc/ipv6/custom/runbefore.sh

+ 3
- 0
CHANGELOG View File

@@ -1,3 +1,6 @@
2.1 Beta 1 - 11/19/2018
- Add run-after and run-before rules (custom/runafter.sh and custom/runbefore.sh)

2.1 Alpha 3 - 04/25/2016
- Fix issue with erasing variables in two different setups
- mss clamp fix for fwd target


+ 12
- 0
bin/srfirewall View File

@@ -174,6 +174,10 @@ fi

# Do IPv4 IPTables Rules
if [ "${EnableIPv4}" == "yes" ]; then

# Commands to run before everything else
if [ -x ${FWCONFIGDIR}/ipv4/custom/runbefore.sh ]; then . ${FWCONFIGDIR}/ipv4/custom/runbefore.sh; fi
# First flush all rules
iptables_rules_flush ipv4
@@ -203,10 +207,16 @@ if [ "${EnableIPv4}" == "yes" ]; then
[[ ${Enablev4NAT} == "yes" ]] && enable_nat ipv4
[[ ${Enablev4PortForwarding} == "yes" ]] && enable_portfw ipv4
# Commands to run after everything else
if [ -x ${FWCONFIGDIR}/ipv4/custom/runafter.sh ]; then . ${FWCONFIGDIR}/ipv4/custom/runafter.sh; fi
fi

# Do IPv6 IPTables Rules
if [ "${EnableIPv6}" == "yes" ]; then
# Commands to run before everything else
if [ -x ${FWCONFIGDIR}/ipv6/custom/runbefore.sh ]; then . ${FWCONFIGDIR}/ipv6/custom/runbefore.sh; fi
# First flush all rules
iptables_rules_flush ipv6
@@ -237,5 +247,7 @@ if [ "${EnableIPv6}" == "yes" ]; then
[[ ${Enablev6NAT} == "yes" ]] && enable_nat ipv6
[[ ${Enablev6PortForwarding} == "yes" ]] && enable_portfw ipv6
[[ ${EnableSysctlTweaks} == "yes" ]] && sysctl_tweaks
# Commands to run after everything else
if [ -x ${FWCONFIGDIR}/ipv6/custom/runafter.sh ]; then . ${FWCONFIGDIR}/ipv6/custom/runafter.sh; fi
fi


+ 6
- 0
etc/ipv4/custom/runafter.sh View File

@@ -0,0 +1,6 @@
# This file is sourced by the main srfirewall program to inject
# custom commands/rules during specific moments of the firewall
# setup.
#
# In particular this file injects/commands rules:
# After all other things are done when the script loads

+ 6
- 0
etc/ipv4/custom/runbefore.sh View File

@@ -0,0 +1,6 @@
# This file is sourced by the main srfirewall program to inject
# custom commands/rules during specific moments of the firewall
# setup.
#
# In particular this file injects/commands rules:
# Before all other things are done when the script loads

+ 6
- 0
etc/ipv6/custom/runafter.sh View File

@@ -0,0 +1,6 @@
# This file is sourced by the main srfirewall program to inject
# custom commands/rules during specific moments of the firewall
# setup.
#
# In particular this file injects/commands rules:
# After all other things are done when the script loads

+ 6
- 0
etc/ipv6/custom/runbefore.sh View File

@@ -0,0 +1,6 @@
# This file is sourced by the main srfirewall program to inject
# custom commands/rules during specific moments of the firewall
# setup.
#
# In particular this file injects/commands rules:
# Before all other things are done when the script loads

Loading…
Cancel
Save