Go to:
Gentoo Home
Documentation
Forums
Lists
Bugs
Planet
Store
Wiki
Get Gentoo!
Gentoo's Bugzilla – Attachment 11522 Details for
Bug 20479
fwbuilder: suggested startup script
Home
|
New
–
[Ex]
|
Browse
|
Search
|
Privacy Policy
|
[?]
|
Reports
|
Requests
|
Help
|
New Account
|
Log In
[x]
|
Forgot Password
Login:
[x]
startup script for fwbuilder
fwbuilder (text/plain), 2.17 KB, created by
Peter Stieglecker
on 2003-05-05 09:16:48 UTC
(
hide
)
Description:
startup script for fwbuilder
Filename:
MIME Type:
Creator:
Peter Stieglecker
Created:
2003-05-05 09:16:48 UTC
Size:
2.17 KB
patch
obsolete
>#!/sbin/runscript > >FWSCRIPT=/root/fwbuilder/www.ican.at.fw >STATESAVE=/root/fwbuilder/state-before-start > >opts="start stop" > >depend() { > need logger net >} > >start() { > ebegin "Loading fwbuilder rules from $FWSCRIPT" > echo "#!/bin/sh" > $STATESAVE > echo "echo `cat /proc/sys/net/ipv4/ip_forward` > /proc/sys/net/ipv4/ip_forward" >> $STATESAVE > echo "echo `cat /proc/sys/net/ipv4/conf/all/rp_filter` > /proc/sys/net/ipv4/conf/all/rp_filter" >> $STATESAVE > echo "echo `cat /proc/sys/net/ipv4/conf/all/accept_source_route` > /proc/sys/net/ipv4/conf/all/accept_source_route" >> $STATESAVE > echo "echo `cat /proc/sys/net/ipv4/conf/all/accept_redirects` > /proc/sys/net/ipv4/conf/all/accept_redirects" >> $STATESAVE > echo "echo `cat /proc/sys/net/ipv4/conf/all/log_martians` > /proc/sys/net/ipv4/conf/all/log_martians" >> $STATESAVE > echo "echo `cat /proc/sys/net/ipv4/icmp_echo_ignore_broadcasts` > /proc/sys/net/ipv4/icmp_echo_ignore_broadcasts" >> $STATESAVE > echo "echo `cat /proc/sys/net/ipv4/icmp_echo_ignore_all` > /proc/sys/net/ipv4/icmp_echo_ignore_all" >> $STATESAVE > echo "echo `cat /proc/sys/net/ipv4/icmp_ignore_bogus_error_responses` > /proc/sys/net/ipv4/icmp_ignore_bogus_error_responses" >> $STATESAVE > echo "echo `cat /proc/sys/net/ipv4/tcp_fin_timeout` > /proc/sys/net/ipv4/tcp_fin_timeout" >> $STATESAVE > echo "echo `cat /proc/sys/net/ipv4/tcp_keepalive_intvl` > /proc/sys/net/ipv4/tcp_keepalive_intvl" >> $STATESAVE > chmod 700 $STATESAVE > $FWSCRIPT > eend $? >} > >stop() { > ebegin "Stopping firewall and removing all rules" > $STATESAVE > > for a in `cat /proc/net/ip_tables_names`; do > iptables -F -t $a > iptables -X -t $a > > if [ $a == nat ]; then > iptables -t nat -P PREROUTING ACCEPT > iptables -t nat -P POSTROUTING ACCEPT > iptables -t nat -P OUTPUT ACCEPT > elif [ $a == mangle ]; then > iptables -t mangle -P PREROUTING ACCEPT > iptables -t mangle -P INPUT ACCEPT > iptables -t mangle -P FORWARD ACCEPT > iptables -t mangle -P OUTPUT ACCEPT > iptables -t mangle -P POSTROUTING ACCEPT > elif [ $a == filter ]; then > iptables -t filter -P INPUT ACCEPT > iptables -t filter -P FORWARD ACCEPT > iptables -t filter -P OUTPUT ACCEPT > fi > done > eend $? >}
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=11522">View the attachment on a separate page</a>.</b>
View Attachment As Raw
Actions:
View
Attachments on
bug 20479
: 11522
