Rozdiely pre scripts/shell/firewall/fw-universal.sh medzi verziami 2.46 a 2.47
verzia 2.46, 2006/08/09 16:38:54 |
verzia 2.47, 2006/09/24 16:17:10 |
|
|
$IPTABLES -A INPUT -s $client_ip -i $NAT_SUBNET_IFACE -j DROP |
$IPTABLES -A INPUT -s $client_ip -i $NAT_SUBNET_IFACE -j DROP |
done |
done |
fi |
fi |
|
if [ ! -z "$ALL_DROP_INPUT_TCP" ]; then |
|
echo -en "Drop ALL INPUT TCP connections on ports:" |
|
for port in $ALL_DROP_INPUT_TCP; do |
|
for iface in $INTERFACES; do |
|
echo -en " $port($iface)" |
|
IPS="IP_$iface"; |
|
for ip in ${!IPS}; do |
|
$IPTABLES -A INPUT -i $iface -d $ip -p TCP --dport $port -j DROP |
|
done |
|
done |
|
done |
|
echo " done." |
|
fi |
|
if [ ! -z "$ALL_DROP_INPUT_UDP" ]; then |
|
echo -en "Drop ALL INPUT UDP connections on ports:" |
|
for port in $ALL_DROP_INPUT_UDP; do |
|
for iface in $INTERFACES; do |
|
echo -en " $port($iface)" |
|
IPS="IP_$iface"; |
|
for ip in ${!IPS}; do |
|
$IPTABLES -A INPUT -i $iface -d $ip -p UDP --dport $port -j DROP |
|
done |
|
done |
|
done |
|
echo " done." |
|
fi |
if [ ! -z "$ALL_ACCEPT_INPUT_TCP" ]; then |
if [ ! -z "$ALL_ACCEPT_INPUT_TCP" ]; then |
echo -en "Accepting ALL INPUT TCP connections on ports:" |
echo -en "Accepting ALL INPUT TCP connections on ports:" |
for port in $ALL_ACCEPT_INPUT_TCP; do |
for port in $ALL_ACCEPT_INPUT_TCP; do |
Platon Group <platon@platon.sk> http://platon.sk/
|
|