From 496fad1b1059118900d8450ce400330c65116497 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Karel=20Ko=C4=8D=C3=AD?= Date: Sat, 30 Sep 2017 13:49:11 +0200 Subject: Implement firewall script and more --- firewall/multiconfig.sh | 25 +++++++++++++++++++++++++ 1 file changed, 25 insertions(+) create mode 100755 firewall/multiconfig.sh (limited to 'firewall') diff --git a/firewall/multiconfig.sh b/firewall/multiconfig.sh new file mode 100755 index 0000000..1c9b6ff --- /dev/null +++ b/firewall/multiconfig.sh @@ -0,0 +1,25 @@ +#!/bin/sh +set -e + +mkdir /etc/iptables + +configure() { + if ! grep -q "$3_SAVE=\"/etc/iptables/$1\""; then + echo "Reconfiguring $2 service configuration" + sed -i "s#^$3_SAVE=.*\$#$3_SAVE=\"/etc/iptables/$1\"#" "/etc/conf.d/$2" + fi +} +configure ipv4 iptables IPTABLES +configure ipv6 ip6tables IP6TABLES + +H="$(hostname)" + +if inst "firewall/$H.ipv4" /etc/iptables/ipv4; then + echo "Reloading IPv4 firewall" + service iptables reload +fi + +if inst "firewall/$H.ipv6" /etc/iptables/ipv6; then + echo "Reloading IPv6 firewall" + service ip6tables reload +fi -- cgit v1.2.3