Rozdiely pre scripts/shell/firewall/fw-universal.sh medzi verziami 2.28 a 2.29
verzia 2.28, 2005/10/09 21:11:08 |
verzia 2.29, 2005/11/01 00:12:49 |
|
|
# Licensed under terms of GNU General Public License. |
# Licensed under terms of GNU General Public License. |
# All rights reserved. |
# All rights reserved. |
# |
# |
# $Platon: scripts/shell/firewall/fw-universal.sh,v 2.27 2005/08/04 19:39:11 rajo Exp $ |
# $Platon: scripts/shell/firewall/fw-universal.sh,v 2.28 2005/10/09 21:11:08 rajo Exp $ |
# |
# |
# Changelog: |
# Changelog: |
# 2003-10-24 - created |
# 2003-10-24 - created |
|
|
if [ -f "$CACHE_FILE" ]; then |
if [ -f "$CACHE_FILE" ]; then |
echo "Loading rules from cache file $CACHE_FILE" |
echo "Loading rules from cache file $CACHE_FILE" |
$IPTABLES_RESTORE -c < $CACHE_FILE; |
$IPTABLES_RESTORE -c < $CACHE_FILE; |
|
forward_on # this has nothing to do with IPtables rules, we need to run them explicitly |
exit 0; |
exit 0; |
fi |
fi |
} # }}} |
} # }}} |
Riadok 153 antispoof_on() |
|
Riadok 154 antispoof_on() |
|
done |
done |
} # }}} |
} # }}} |
|
|
|
# Turn on IP packets forwarding |
forward_on() |
forward_on() |
{ # {{{ |
{ # {{{ |
echo -en "NAT: Enabling packet forwarding..." |
# NAT requires turn on IP forwarding |
echo 1 > /proc/sys/net/ipv4/ip_forward |
if [ ! -z "$NAT_LAN_IFACE" ]; then |
echo " done." |
echo -en "NAT: Enabling packet forwarding..." |
|
echo 1 > /proc/sys/net/ipv4/ip_forward |
|
echo " done." |
|
fi |
} # }}} |
} # }}} |
|
|
forward_off() |
forward_off() |
|
|
log_input_drop |
log_input_drop |
log_output_drop |
log_output_drop |
log_forward_drop |
log_forward_drop |
|
forward_on |
$IPTABLES_SAVE -c > $CACHE_FILE |
$IPTABLES_SAVE -c > $CACHE_FILE |
;; |
;; |
|
|
Platon Group <platon@platon.sk> http://platon.sk/
|
|