Spark
/
ssm-services
1
0
Fork 1
Code Issues Pull Requests Releases Wiki Activity

configcheck for iptables

This commit is contained in:
Jack L. Frost 2014-03-13 01:08:12 +04:00
parent 707b5f5682
commit e1353f46cf
1 changed files with 12 additions and 9 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

21
init.d/iptables
View File

@ -7,8 +7,16 @@ cfg_ip6dump='/etc/iptables/ip6.rules'
start() {
watchman.msg "Restoring netfilter rules..."
[[ -f "$cfg_ip4dump" ]] && { /usr/bin/iptables-restore < "$cfg_ip4dump"; }
[[ -f "$cfg_ip6dump" ]] && { /usr/bin/ip6tables-restore < "$cfg_ip6dump"; }
[[ -f "$cfg_ip4dump" ]] && {
iptables-restore -t < "$cfg_ip4dump" || return 1
iptables-restore < "$cfg_ip4dump"
}
[[ -f "$cfg_ip6dump" ]] && {
ip6tables-restore -t < "$cfg_ip6dump" || return 1
ip6tables-restore < "$cfg_ip6dump"
}
}
stop() {
@ -17,13 +25,8 @@ stop() {
iptables-save | sed -re 's/(:[A-Z]+\s+)[A-Z]+/\1ACCEPT/g' -e '/-.+/d' | iptables-restore
ip6tables-save | sed -re 's/(:[A-Z]+\s+)[A-Z]+/\1ACCEPT/g' -e '/-.+/d' | ip6tables-restore
[[ -f '/proc/net/ip_tables_names' ]] && {
while read line; do iptables -t "$line" -X; done < /proc/net/ip_tables_names
}
[[ -f '/proc/net/ip6_tables_names' ]] && {
while read line; do iptables -t "$line" -X; done < /proc/net/ip6_tables_names
}
for i in $(iptables-save | grep -E '^\*'); do iptables -t "${i//\*/}" -X; done
for i in $(ip6tables-save | grep -E '^\*'); do ip6tables -t "${i//\*/}" -X; done
}
save() {