Begin support of rule cache for quicker loading
bbruns
parent
415dbaaf19
commit
2ac9c2d4bd
|
|
@ -144,7 +144,8 @@ if [ "$GEN_CACHE" ]; then
|
||||||
force)
|
force)
|
||||||
IPTABLES="write_out_rules"
|
IPTABLES="write_out_rules"
|
||||||
if [ "$IPV6" ]; then
|
if [ "$IPV6" ]; then
|
||||||
IP6TABLES="write_out_rules"
|
IP6TABLES="write_out_rules_v6"
|
||||||
|
rm -f "${RULE_CACHE_V6}" &>/dev/null
|
||||||
fi
|
fi
|
||||||
rm -f "${RULE_CACHE}" &>/dev/null
|
rm -f "${RULE_CACHE}" &>/dev/null
|
||||||
;;
|
;;
|
||||||
|
|
|
||||||
|
|
@ -119,6 +119,7 @@ function show_help {
|
||||||
echo "Firewall/SOSDG ${FW_VERSION} - Brielle Bruns <bruns@2mbit.com>"
|
echo "Firewall/SOSDG ${FW_VERSION} - Brielle Bruns <bruns@2mbit.com>"
|
||||||
echo -e "\t--help\t\tShows this info"
|
echo -e "\t--help\t\tShows this info"
|
||||||
echo -e "\t--flush\t\tFlushes all rules back to default ACCEPT"
|
echo -e "\t--flush\t\tFlushes all rules back to default ACCEPT"
|
||||||
|
echo -e "\t--generate-cache\tGenerate cached rule file"
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
|
|
@ -164,7 +165,10 @@ function apply_ipv4_hack {
|
||||||
echo -en "\n"
|
echo -en "\n"
|
||||||
}
|
}
|
||||||
|
|
||||||
# write_out_rules
|
# write_out_rules(_v6)
|
||||||
function write_out_rules {
|
function write_out_rules {
|
||||||
echo "$*" >> "$RULE_CACHE"
|
echo "$*" >> "$RULE_CACHE"
|
||||||
}
|
}
|
||||||
|
function write_out_rules_v6 {
|
||||||
|
echo "$*" >> "$RULE_CACHE_V6"
|
||||||
|
}
|
||||||
|
|
@ -62,3 +62,4 @@ STATE_TYPE="conntrack"
|
||||||
|
|
||||||
# Where we store output of cached rules
|
# Where we store output of cached rules
|
||||||
RULE_CACHE=$BASEDIR/cache/ipt-rules
|
RULE_CACHE=$BASEDIR/cache/ipt-rules
|
||||||
|
RULE_CACHE_V6=$BASEDIR/cache/ipt6-rules
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue