Misc fixes for previous changes.

master
bbruns 2010-10-13 21:34:22 +00:00
parent 3061e16eb2
commit 2a79c95bfc
2 changed files with 4 additions and 18 deletions

View File

@ -794,10 +794,10 @@ fi
fi
if [ $IPV6_ROUTEDCLIENTBLOCK ]; then
$IP6TABLES -A FORWARD -i $IPV6INT -o $IPV6LAN -p tcp --syn -j DROP
$IP6TABLES -A INPUT -i $IPV6INT -p tcp --syn -j DROP
$IP6TABLES -A INPUT -i $IPV6INT -p udp ! --dport 32768:65535 -j DROP
$IP6TABLES -A FORWARD -i $IPV6INT -o $IPV6LAN -p udp ! --dport 32768:65535 -j DROP
$IP6TABLES -A FORWARD -i $IPV6_INT -o $IPV6LAN -p tcp --syn -j DROP
$IP6TABLES -A INPUT -i $IPV6_INT -p tcp --syn -j DROP
$IP6TABLES -A INPUT -i $IPV6_INT -p udp ! --dport 32768:65535 -j DROP
$IP6TABLES -A FORWARD -i $IPV6_INT -o $IPV6LAN -p udp ! --dport 32768:65535 -j DROP
fi

View File

@ -3,20 +3,6 @@ echo "This script converts certain aspects of old config files, such as renamed
echo "to the new variable names. It is NOT foolproof, so please check your config files"
echo "afterwards."
IPV6_FORWARD=${IPV6_FORWARD=$IPV6FORWARD}
IPV6_CONNTRACK=${IPV6_CONNTRACK=$IPV6CONNTRACK}
IPV6_BLOCKINCOMING=${$IPV6_BLOCKINCOMING=$IPV6BLOCKINCOMING}
IPV6_MARK=${IPV6_MARK=$IPv6_MARK}
IPV6_BLOCKED=${IPV6_BLOCKED=$BLOCKEDIPV6}
IPV6_CLAMPMSS=${IPV6_CLAMPMSS=$CLAMPMSSIPV6}
IPV6_INT=${IPV6_INT=$IPV6INT}
IPV6_LAN=${IPV6_LAN=$IPV6LAN}
IPV6_TRUSTED=${IPV6_TRUSTED=$IPV6TRUSTED}
IPV6_TCPPORTS=${IPV6_TCPPORTS=$IPV6TCP}
IPV6_UDPPORTS=${IPV6_UDPPORTS=$IPV6UDP}
IPV6_FORWARDRANGE=${IPV6_FORWARDRANGE=$IPV6FORWARDRANGE}
sed -e 's/IPV6FORWARD/IPV6_FORWARD/' \
-e 's/IPV6CONNTRACK/IPV6_CONNTRACK/' \
-e 's/IPV6BLOCKINCOMING/IPV6_BLOCKINCOMING/' \