ordentliches firewall script
authorrealraum <realraum@realraum.at>
Mon, 5 Jul 2010 06:36:24 +0000 (06:36 +0000)
committerrealraum <realraum@realraum.at>
Mon, 5 Jul 2010 06:36:24 +0000 (06:36 +0000)
firewall [new file with mode: 0755]
firewall.conf [new file with mode: 0644]

diff --git a/firewall b/firewall
new file mode 100755 (executable)
index 0000000..997d9b5
--- /dev/null
+++ b/firewall
@@ -0,0 +1,84 @@
+#!/bin/bash
+#  Firewall Script by Bernhard Tittelbach
+#
+### BEGIN INIT INFO
+# Provides:          firewall
+# Required-Start:    $syslog $local_fs $network
+# Required-Stop:     $syslog $local_fs $network
+# Should-Start:      
+# Should-Stop:       
+# Default-Start:     2 3 4 5
+# Default-Stop:      0 1 6
+# Short-Description: Firewall
+# Description:       see above
+### END INIT INFO
+
+PATH=/bin:/sbin:/bin:/usr/sbin:/usr/bin
+
+. /lib/lsb/init-functions
+
+IPTABLES=iptables
+IP6TABLES=ip6tables
+OUTPUT=$(mktemp)
+RC=0
+
+FIREWALL_CONFIG=/flash/etc/firewall.conf
+
+runrule()
+{
+  rule="$1"
+  IPT=$IPTABLES
+  if [ $(($2)) -eq 6 ]; then
+    IPT=$IP6TABLES 
+    ipv=6
+  else
+    ipv=4
+  fi
+  $IPT $rule &> $OUTPUT
+  rc=$?
+  if [ $rc -ne 0 ] ; then
+    RC=$rc
+    logger -s -i -p daemon.err "Error running ipv${ipv} rule: $rule, error was $(cat $OUTPUT)"
+  fi
+}
+
+ip4()
+{
+  runrule "$*" 4
+}
+
+ip6()
+{
+  runrule "$*" 6
+}
+
+finish()
+{
+  rm -f $OUTPUT
+}
+
+. $FIREWALL_CONFIG
+
+
+case "$1" in
+  start)       log_daemon_msg "Starting " "firewall"
+        start_firewall
+        finish
+        log_end_msg $RC
+       ;;
+  stop)        log_daemon_msg "Stopping " "firewall"
+        stop_firewall
+        finish
+        log_end_msg $RC
+        ;;
+  restart)     log_daemon_msg "Restarting " "firewall"
+        stop_firewall
+        start_firewall
+        finish
+        log_end_msg $RC
+        ;;
+*)     log_action_msg "Usage: /etc/init.d/cron {start|stop|restart}"
+        exit 2
+        ;;
+esac
+exit 0
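Review bot: The closing `exit 0` throws away the failure status that runrule accumulates in `RC`, so a rule that iptables rejected is logged but the script still reports success to whoever started it; it should be `exit $RC`. The usage branch exits without calling finish, leaving the mktemp file behind, and its message names `/etc/init.d/cron` rather than firewall; a `trap finish EXIT` directly after `OUTPUT=$(mktemp)` would cover every exit path and make the explicit finish calls redundant. `. $FIREWALL_CONFIG` executes the config as shell code with whatever privileges the init script runs under and with no check that the file exists, so a missing file surfaces only as an undefined start_firewall; guard it with `[ -r "$FIREWALL_CONFIG" ] || { log_failure_msg "cannot read $FIREWALL_CONFIG"; exit 1; }` before sourcing.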
diff --git a/firewall.conf b/firewall.conf
new file mode 100644 (file)
index 0000000..ef9d1e3
--- /dev/null
@@ -0,0 +1,19 @@
+#!/bin/bash
+#Firewall Script by Bernhard Tittelbach
+#get's sourced by /etc/init.d/firewall
+
+start_firewall()
+{
+  ip4 -I FORWARD -d $(resolveip -s tv.realraum.at 2>/dev/null || echo 89.106.215.58) -p tcp --syn --dport ! 22 -j REJECT
+
+}
+
+stop_firewall()
+{
+
+  for table in INPUT FORWARD OUTPUT; do
+    ip4 -F $table
+  done
+
+}
+
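Review bot: `start_firewall` inserts with `-I FORWARD` but never removes an existing copy, so every `start` without an intervening `stop` pushes another duplicate of the rule onto the head of the chain; either have start_firewall call `stop_firewall` first (as restart already does) or give the script's rules their own chain that is flushed before insertion. The target address is resolved at load time and spliced into the rule unquoted, with a silent fallback to 89.106.215.58 when resolution fails, so the rule's effect depends on what DNS answers at boot and anything other than a single address in the output breaks the iptables command; resolving into a variable and validating it with an anchored regex before use is more robust. `--dport ! 22` is the intrapositioned negation that iptables has deprecated; `! --dport 22` is the supported spelling.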