#!/bin/bash # By Brielle Bruns # URL: http://www.sosdg.org/freestuff/firewall # License: GPLv3 # # Copyright (C) 2009 - 2010 Brielle Bruns # Copyright (C) 2009 - 2010 The Summit Open Source Development Group # # This program is free software: you can redistribute it and/or modify # it under the terms of the GNU General Public License as published by # the Free Software Foundation, either version 3 of the License, or # (at your option) any later version. # # This program is distributed in the hope that it will be useful, # but WITHOUT ANY WARRANTY; without even the implied warranty of # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # GNU General Public License for more details. # You should have received a copy of the GNU General Public License # along with this program. If not, see . # # # This file defines static variables that we will be using. Normally, you # should not be needing to edit these. # These defines are here to help pre-1.0 users easily upgrade, defines critical defaults # that would otherwise require remaking their options file. I leave this on by default, # but if you want to make sure you have a current options file, define this to 0. if [[ "$COMPAT_CONFIG" == "1" ]]; then MODPROBE=`which modprobe` # These are temp compatibility with old config files with IPv6 IPV6_FORWARD=${IPV6_FORWARD=$IPV6FORWARD} IPV6_CONNTRACK=${IPV6_CONNTRACK=$IPV6CONNTRACK} IPV6_BLOCKINCOMING=${$IPV6_BLOCKINCOMING=$IPV6BLOCKINCOMING} IPV6_MARK=${IPV6_MARK=$IPv6_MARK} IPV6_BLOCKED=${IPV6_BLOCKED=$BLOCKEDIPV6} IPV6_CLAMPMSS=${IPV6_CLAMPMSS=$CLAMPMSSIPV6} IPV6_INT=${IPV6_INT=$IPV6INT} IPV6_LAN=${IPV6_LAN=$IPV6LAN} IPV6_TRUSTED=${IPV6_TRUSTED=$IPV6TRUSTED} IPV6_TCPPORTS=${IPV6_TCPPORTS=$IPV6TCP} IPV6_UDPPORTS=${IPV6_UDPPORTS=$IPV6UDP} IPV6_FORWARDRANGE=${IPV6_FORWARDRANGE=$IPV6FORWARDRANGE} fi PRERUN="$BASEDIR/prerun" POSTRUN="$BASEDIR/postrun" # ANSI color sequences BLUE="\E[34m" GREEN="\E[32m" RED="\E[31m" YELLOW="\E[33m" PURPLE="\E[35m" AQUA="\E[36m" WHITE="\E[1m" GREY="\E[37m" DEFAULT_COLOR="\E[39m" # Module names that we may need to load MOD_U32="xt_u32" # Location of the ipv4 network conf in proc PROC_NET_IPV4="/proc/sys/net/ipv4/conf" # Multiport options - override in options NF_MULTIPORT="xt_multiport" NF_MULTIPORT_MAX_PORTS="7" # RFC 1918 Space RFC1918_SPACE="192.168.0.0/16 172.16.0.0/12 10.0.0.0/8"