brielle
/
Firewall-SOSDG
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

More minor changes

master
bbruns 2010-08-27 21:09:51 +00:00
parent 3a266b1869
commit 8f78bb6fb2
2 changed files with 10 additions and 9 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
options.default
View File

@ -25,7 +25,7 @@ MODPROBE=/sbin/modprobe
#FORWARD=1 #FORWARD=1
# Blocking incoming connections by default? # Blocking incoming connections by default?
BLOCKINCOMING=1 #BLOCKINCOMING=1
# Clamp MSS, useful on DSL/VPN links # Clamp MSS, useful on DSL/VPN links
# Space separated list of interfaces to apply this on # Space separated list of interfaces to apply this on
@ -38,7 +38,7 @@ BLOCKINCOMING=1
#INTINF=ppp+ #INTINF=ppp+
# Port forwardings, requires NAT # Port forwardings, requires NAT
PORTFW=$BASEDIR/port-forwards #PORTFW=$BASEDIR/port-forwards
# TCP/UDP/Protocol to allow # TCP/UDP/Protocol to allow
TCPPORTS="20 21 22 53 80 113 123 443" TCPPORTS="20 21 22 53 80 113 123 443"

15
rc.firewall
View File

@ -1,5 +1,4 @@
#/bin/sh #/bin/sh
# v0.9.5
# By Brielle Bruns <bruns@2mbit.com> # By Brielle Bruns <bruns@2mbit.com>
# URL: http://www.sosdg.org/freestuff/firewall # URL: http://www.sosdg.org/freestuff/firewall
# License: GPLv3 # License: GPLv3
@ -37,7 +36,6 @@ if [ ! -r $BASEDIR/include/static ] || [ ! -r $BASEDIR/include/functions ]; then
exit 1 exit 1
fi fi
. $BASEDIR/include/static . $BASEDIR/include/static
@ -67,7 +65,11 @@ while [ $# -gt 0 ]; do
shift shift
done done
if [ ! -r "${PORTFW}" ]; then
display_c RED "Error: Missing ${PORTFW} as defined in the PORTFW option. Please make sure"
display_c RED "it exists, or comment out the PORTFW line in options."
exit 1
fi
echo "=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= echo "=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
Firewall/SOSDG ${FW_VERSION} Firewall/SOSDG ${FW_VERSION}
@ -295,7 +297,7 @@ if [ -s "$BASEDIR/include/ipv4_custom_routing" ]; then
fi fi
if [ $ROUTING ]; then if [ $ROUTING ]; then
display_c YELLOW "Adding route: " N display_c YELLOW "Adding route: "
for i in `grep -v "\#" $ROUTING`; do for i in `grep -v "\#" $ROUTING`; do
ROUTE=( ${i//:/ } ) ROUTE=( ${i//:/ } )
FWINT1=${ROUTE[0]} FWINT1=${ROUTE[0]}
@ -312,12 +314,11 @@ if [ $ROUTING ]; then
$IPTABLES -A FORWARD -i $FWINT1 -o $FWINT2 \ $IPTABLES -A FORWARD -i $FWINT1 -o $FWINT2 \
-s $FWIP1 -d $FWIP2 -j ACCEPT -s $FWIP1 -d $FWIP2 -j ACCEPT
if [ ${ROUTE[4]} == "1" ]; then if [ ${ROUTE[4]} == "1" ]; then
#echo -en "\E[35m$FWINT1\E[37m:$FWIP1<->\E[34m$FWINT2\E[37m:$FWIP2 " display_c DEFAULT "\t${PURPLE}$FWINT1:$FWIP1${AQUA}<->${BLUE}$FWINT2:$FWIP2"
echo -en "${PURPLE}$FWINT1:$FWIP1${AQUA}<->${BLUE}$FWINT2:$FWIP2 "
$IPTABLES -A FORWARD -o $FWINT1 -i $FWINT2 \ $IPTABLES -A FORWARD -o $FWINT1 -i $FWINT2 \
-d $FWIP1 -s $FWIP2 -j ACCEPT -d $FWIP1 -s $FWIP2 -j ACCEPT
else else
echo -en "${PURPLE}$FWINT1:$FWIP1${AQUA}->${BLUE}$FWINT2:$FWIP2 " display_c DEFAULT "\t${PURPLE}$FWINT1:$FWIP1${AQUA}->${BLUE}$FWINT2:$FWIP2"
fi fi
done done
echo -ne "\n" echo -ne "\n"