verzia 2.82, 2011/11/18 23:26:18 |
verzia 2.83, 2011/11/18 23:49:00 |
|
|
# Licensed under terms of GNU General Public License. |
# Licensed under terms of GNU General Public License. |
# All rights reserved. |
# All rights reserved. |
# |
# |
# $Platon: scripts/shell/firewall/fw-universal.sh,v 2.81 2011-10-03 17:42:56 nepto Exp $ |
# $Platon: scripts/shell/firewall/fw-universal.sh,v 2.82 2011-11-18 23:26:18 rajo Exp $ |
# |
# |
# Changelog: |
# Changelog: |
# 2003-10-24 - created |
# 2003-10-24 - created |
|
|
riface="IFname_$iface"; |
riface="IFname_$iface"; |
print_info -en " $port($iface)"`[ ! -z $src_ip ] && echo "[$src_ip]"` |
print_info -en " $port($iface)"`[ ! -z $src_ip ] && echo "[$src_ip]"` |
IPS="IP_$iface"; |
IPS="IP_$iface"; |
if [ "$port" -eq 67 ]; then # DHCP requests doesn't have destination IP specified |
if [ "x$port" = "x67" ]; then # DHCP requests doesn't have destination IP specified |
$IPTABLES -A INPUT -i ${!riface} -p UDP --dport $port -j ACCEPT |
$IPTABLES -A INPUT -i ${!riface} -p UDP --dport $port -j ACCEPT |
else |
else |
for ip in ${!IPS}; do |
for ip in ${!IPS}; do |
Riadok 1099 allow_input() |
|
Riadok 1099 allow_input() |
|
print_info -en " $port"`[ ! -z $src_ip ] && echo "[$src_ip]"` |
print_info -en " $port"`[ ! -z $src_ip ] && echo "[$src_ip]"` |
#$IPTABLES -A INPUT -i $iface -d ${!INET_IP} -p UDP --dport $port -j ACCEPT |
#$IPTABLES -A INPUT -i $iface -d ${!INET_IP} -p UDP --dport $port -j ACCEPT |
#$IPTABLES -A INPUT -i $iface --source 192.168.1.0/16 -p UDP --dport $port -j ACCEPT |
#$IPTABLES -A INPUT -i $iface --source 192.168.1.0/16 -p UDP --dport $port -j ACCEPT |
if [ "$port" -eq 67 ]; then # DHCP requests doesn't have destination IP specified |
if [ "x$port" = "x67" ]; then # DHCP requests doesn't have destination IP specified |
$IPTABLES -A INPUT -i ${!riface} -p UDP --dport $port -j ACCEPT |
$IPTABLES -A INPUT -i ${!riface} -p UDP --dport $port -j ACCEPT |
else |
else |
for ip in ${!IPS}; do |
for ip in ${!IPS}; do |