Misc fixes for previous changes.

master
bbruns 12 years ago
parent 3061e16eb2
commit 2a79c95bfc
  1. 8
      bin/firewall-sosdg
  2. 14
      tools/convert-config

@ -794,10 +794,10 @@ fi
fi
if [ $IPV6_ROUTEDCLIENTBLOCK ]; then
$IP6TABLES -A FORWARD -i $IPV6INT -o $IPV6LAN -p tcp --syn -j DROP
$IP6TABLES -A INPUT -i $IPV6INT -p tcp --syn -j DROP
$IP6TABLES -A INPUT -i $IPV6INT -p udp ! --dport 32768:65535 -j DROP
$IP6TABLES -A FORWARD -i $IPV6INT -o $IPV6LAN -p udp ! --dport 32768:65535 -j DROP
$IP6TABLES -A FORWARD -i $IPV6_INT -o $IPV6LAN -p tcp --syn -j DROP
$IP6TABLES -A INPUT -i $IPV6_INT -p tcp --syn -j DROP
$IP6TABLES -A INPUT -i $IPV6_INT -p udp ! --dport 32768:65535 -j DROP
$IP6TABLES -A FORWARD -i $IPV6_INT -o $IPV6LAN -p udp ! --dport 32768:65535 -j DROP
fi

@ -3,20 +3,6 @@ echo "This script converts certain aspects of old config files, such as renamed
echo "to the new variable names. It is NOT foolproof, so please check your config files"
echo "afterwards."
IPV6_FORWARD=${IPV6_FORWARD=$IPV6FORWARD}
IPV6_CONNTRACK=${IPV6_CONNTRACK=$IPV6CONNTRACK}
IPV6_BLOCKINCOMING=${$IPV6_BLOCKINCOMING=$IPV6BLOCKINCOMING}
IPV6_MARK=${IPV6_MARK=$IPv6_MARK}
IPV6_BLOCKED=${IPV6_BLOCKED=$BLOCKEDIPV6}
IPV6_CLAMPMSS=${IPV6_CLAMPMSS=$CLAMPMSSIPV6}
IPV6_INT=${IPV6_INT=$IPV6INT}
IPV6_LAN=${IPV6_LAN=$IPV6LAN}
IPV6_TRUSTED=${IPV6_TRUSTED=$IPV6TRUSTED}
IPV6_TCPPORTS=${IPV6_TCPPORTS=$IPV6TCP}
IPV6_UDPPORTS=${IPV6_UDPPORTS=$IPV6UDP}
IPV6_FORWARDRANGE=${IPV6_FORWARDRANGE=$IPV6FORWARDRANGE}
sed -e 's/IPV6FORWARD/IPV6_FORWARD/' \
-e 's/IPV6CONNTRACK/IPV6_CONNTRACK/' \
-e 's/IPV6BLOCKINCOMING/IPV6_BLOCKINCOMING/' \

Loading…
Cancel
Save