1 |
#!/bin/sh |
#!/bin/sh |
2 |
# $Header: /root/magellan-cvs/src/iptables/iptables.rc,v 1.1 2005-12-31 16:16:46 niro Exp $ |
# $Header: /root/magellan-cvs/src/iptables/iptables.rc,v 1.2 2008-03-27 10:40:32 niro Exp $ |
3 |
|
|
4 |
#%rlevels: 2:s 3:s 4:s 5:s 0:k 1:k 6:k |
#%rlevels: 2:s 3:s 4:s 5:s 0:k 1:k 6:k |
5 |
#%start: 15 |
#%start: 15 |
27 |
{ |
{ |
28 |
if [[ ! -f ${IPTABLES_SAVE_PATH} ]] |
if [[ ! -f ${IPTABLES_SAVE_PATH} ]] |
29 |
then |
then |
30 |
echo -e ${COLRED} "Not starting ${SVC_NAME}. First create some rules then run:" |
rc_echo -e ${COLRED} "Not starting ${SVC_NAME}. First create some rules then run:" |
31 |
echo -e ${COLRED} "/etc/init.d/${SVC_NAME} save" |
rc_echo -e ${COLRED} "/etc/init.d/${SVC_NAME} save" |
32 |
exit 1 |
exit 1 |
33 |
fi |
fi |
34 |
return 0 |
return 0 |
60 |
case "$1" in |
case "$1" in |
61 |
start) |
start) |
62 |
checkconfig |
checkconfig |
63 |
echo -e ${COLOREDSTAR}"Loading ${SVC_NAME} ruleset ..." |
rc_print "Loading ${SVC_NAME} ruleset ..." |
64 |
|
|
65 |
${IPTABLES_RESTORE} ${SAVE_RESTORE_OPTIONS} < "${IPTABLES_SAVE_PATH}" |
${IPTABLES_RESTORE} ${SAVE_RESTORE_OPTIONS} < "${IPTABLES_SAVE_PATH}" |
66 |
evaluate_retval |
evaluate_retval |
75 |
$0 save |
$0 save |
76 |
fi |
fi |
77 |
|
|
78 |
echo -e ${COLOREDSTAR}"Stopping ${SVC_NAME} and reseting ruleset ..." |
rc_print "Stopping ${SVC_NAME} and reseting ruleset ..." |
79 |
|
|
80 |
for rule in $(<${IPTABLES_PROC}) |
for rule in $(<${IPTABLES_PROC}) |
81 |
do |
do |
95 |
;; |
;; |
96 |
|
|
97 |
reload) |
reload) |
98 |
echo -e ${COLOREDSTAR}"Flushing ${SVC_NAME} ruleset ..." |
rc_print "Flushing ${SVC_NAME} ruleset ..." |
99 |
for rule in $(<${IPTABLES_PROC}) |
for rule in $(<${IPTABLES_PROC}) |
100 |
do |
do |
101 |
# flush rules |
# flush rules |
108 |
;; |
;; |
109 |
|
|
110 |
save) |
save) |
111 |
echo -e ${COLOREDSTAR}"Saving ${SVC_NAME} ruleset ..." |
rc_print "Saving ${SVC_NAME} ruleset ..." |
112 |
[ -d $(dirname ${IPTABLES_SAVE_PATH}) ] && |
[ ! -d $(dirname ${IPTABLES_SAVE_PATH}) ] && |
113 |
install -d $(dirname ${IPTABLES_SAVE_PATH}) |
install -d $(dirname ${IPTABLES_SAVE_PATH}) |
114 |
touch "${IPTABLES_SAVE_PATH}" |
touch "${IPTABLES_SAVE_PATH}" |
115 |
chmod 0600 "${IPTABLES_SAVE_PATH}" |
chmod 0600 "${IPTABLES_SAVE_PATH}" |
117 |
;; |
;; |
118 |
|
|
119 |
panic) |
panic) |
120 |
echo -e ${COLOREDSTAR}"Enabled Panic-Mode for ${SVC_NAME} (DROP ALL) ..." |
rc_print "Enabled Panic-Mode for ${SVC_NAME} (DROP ALL) ..." |
121 |
for rule in $(<${IPTABLES_PROC}) |
for rule in $(<${IPTABLES_PROC}) |
122 |
do |
do |
123 |
${IPTABLES} -F -t ${rule} |
${IPTABLES} -F -t ${rule} |
135 |
;; |
;; |
136 |
|
|
137 |
*) |
*) |
138 |
echo "Usage: $0 {start|stop|reload|save|panic|restart}" |
rc_echo "Usage: $0 {start|stop|reload|save|panic|restart}" |
139 |
exit 1 |
exit 1 |
140 |
;; |
;; |
141 |
esac |
esac |
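Review bot: In the `save)` arm (new lines 112-113) the corrected test still leaves `${IPTABLES_SAVE_PATH}` and the `$(dirname …)` result unquoted, so a path containing whitespace or glob characters is word-split before `[` and `install` see it. The `touch` and `chmod 0600` lines right below already quote the same variable. I would write `[ ! -d "$(dirname "${IPTABLES_SAVE_PATH}")" ] &&` followed by `install -d "$(dirname "${IPTABLES_SAVE_PATH}")"`. Consider also passing an explicit `-m` mode to `install -d` (for example 0700, if nothing else needs to read that directory), so the directory holding the ruleset does not get install's default permissions. Line 116 is not shown, so I cannot confirm from this page that the ruleset is written only after the `chmod 0600`.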