slitaz-tools view rootfs/etc/init.d/firewall @ rev 252

Fix spelling, typos, wording, etc.
author Mike D. Smith <MikeDSmith25@gmail.com>
date Sat Jul 19 06:35:45 2008 +0000 (2008-07-19)
parents d7a24e0c3a13
children 71139fa09dca
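#!/bin/sh
# /etc/init.d/firewall - SliTaz firewall daemon script using iptables.
# Config file is: /etc/firewall.conf
#
# Usage: /etc/init.d/firewall [start|stop|restart|status]
#
# Both files below are sourced, i.e. executed as shell code with the
# privileges of this script (normally root for an init script), so they
# should be writable by root only.
# rc.functions is expected to provide status(); firewall.conf is expected to
# provide KERNEL_SECURITY, IPTABLES_RULES and iptables_rules() -- neither
# file is shown here, confirm against them.
. /etc/init.d/rc.functions
. /etc/firewall.conf

case "$1" in
	start)
		# Kernel security. Values written below: 0 = disable, 1 = enable.
		# Applied only when KERNEL_SECURITY="yes" in /etc/firewall.conf.
		# Only IPv4 settings are touched; nothing under
		# /proc/sys/net/ipv6 is changed by this script.
		#
		if [ "$KERNEL_SECURITY" = "yes" ] ; then
			echo -n "Setting up kernel security rules... "
			# ICMP redirects acceptance: ignore redirects so that other
			# hosts cannot change this machine's routes.
			for conf in /proc/sys/net/ipv4/conf/*/accept_redirects ; do
				echo "0" > "$conf"
			done
			# Also refuse redirects that claim to come from a known gateway.
			for conf in /proc/sys/net/ipv4/conf/*/secure_redirects ; do
				echo "0" > "$conf"
			done
			# IP source routing: do not honour sender-chosen routes.
			for conf in /proc/sys/net/ipv4/conf/*/accept_source_route ; do
				echo "0" > "$conf"
			done
			# Log impossible addresses.
			for conf in /proc/sys/net/ipv4/conf/*/log_martians ; do
				echo "1" > "$conf"
			done
			# IP spoofing protection (reverse path filtering).
			for conf in /proc/sys/net/ipv4/conf/*/rp_filter ; do
				echo "1" > "$conf"
			done
			# SYN flood protection.
			echo "1" > /proc/sys/net/ipv4/tcp_syncookies
			# NOTE(review): status comes from rc.functions (not shown). If it
			# reports $? of the previous command, it reflects only the
			# tcp_syncookies write above, not the loops -- confirm.
			status
		else
			echo "Kernel security rules are disabled in: /etc/firewall.conf... "
		fi
		# Netfilter/iptables rules. We get the rules from /etc/firewall.conf.
		#
		if [ "$IPTABLES_RULES" = "yes" ] ; then
			echo -n "Setting up iptables rules defined in: /etc/firewall.conf... "
			iptables_rules
			status
		else
			echo "Iptables rules are disabled in: /etc/firewall.conf... "
			exit 0
		fi
		;;
	stop)
		# Opens the host: INPUT and OUTPUT policies go back to ACCEPT, then
		# all rules are flushed and user chains deleted in the default
		# (filter) table. The FORWARD policy and the other tables are left
		# as they were. Nothing is changed when IPTABLES_RULES is not "yes".
		if [ "$IPTABLES_RULES" = "yes" ] ; then
			echo -n "Stopping iptables firewall rules... "
			iptables -P INPUT ACCEPT
			iptables -P OUTPUT ACCEPT
			iptables -F
			iptables -X
			status
		else
			echo "Iptables rules are disabled in: /etc/firewall.conf... "
			exit 0
		fi
		;;
	restart)
		# Between stop and start the filter table is empty with ACCEPT
		# policies, so the host is unfiltered for at least the sleep below.
		"$0" stop
		sleep 2
		"$0" start
		;;
	status)
		# Prints whether kernel hardening is enabled in the config (not the
		# live /proc values) and the current filter table rules.
		echo ""
		echo -e "\033[1m===================== SliTaz firewall statistics =====================\033[0m"
		echo ""
		if [ "$KERNEL_SECURITY" = "yes" ] ; then
			echo "Kernel security: enabled"
		else
			echo "Kernel security: disabled"
		fi
		echo ""
		echo "Netfilter/iptables rules: "
		echo ""
		iptables -nL
		echo ""
		;;
	*)
		echo ""
		echo -e "\033[1mUsage:\033[0m /etc/init.d/$(basename "$0") [start|stop|restart|status]"
		echo ""
		exit 1
		;;
esac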