authorJérôme Schneider <jschneider@entrouvert.com>2013-11-15 09:31:30 (GMT)
committerJérôme Schneider <jschneider@entrouvert.com>2013-11-15 09:31:30 (GMT)
commitbcc798bcbd84c68838dcd968b23ce32a71dad6fa (patch)
tree5f66e0fcae60aeaf24023a686e4d2ce2a98a8535
parent7c7a1ee5cb022402173d54bb8db74427729814db (diff)
eofirewall is not an init script anymore
-rw-r--r--Makefile6
-rwxr-xr-xeofirewall (renamed from firewall)86
2 files changed, 45 insertions, 47 deletions
diff --git a/Makefile b/Makefile
index cb75d4f..c85e25d 100644
--- a/Makefile
+++ b/Makefile
@@ -5,16 +5,16 @@
## Login <jschneider@entrouvert.org>
##
-NAME=firewall
+NAME=eofirewall
VERSION=`git describe`
DESTDIR=
all:
install:
- install -d -m 0755 -o root -g root $(DESTDIR)/etc/init.d $(DESTDIR)/etc/rsyslog.d $(DESTDIR)/usr/bin
+ install -d -m 0755 -o root -g root $(DESTDIR)/etc/rsyslog.d $(DESTDIR)/usr/bin
install -d -m 0755 -o root -g root $(DESTDIR)/etc/firewall
- install -m 0640 -o root -g root $(NAME).conf $(DESTDIR)/etc/firewall/firewall.conf.template
+ install -m 0640 -o root -g root firewall.conf $(DESTDIR)/etc/firewall/firewall.conf.template
install -m 0640 -o root -g root rsyslog.conf $(DESTDIR)/etc/rsyslog.d
install -m 0755 -o root -g root $(NAME) $(DESTDIR)/usr/bin
clean:
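Review bot: With `$(DESTDIR)/etc/init.d` dropped from the `install` target, nothing visible in this Makefile arranges for the saved ruleset to be applied at boot, so a freshly installed host would presumably come up unfiltered until something runs `eofirewall load`. If a separate hook or package is meant to do that, a comment above `install:` should say so, for example `## rules are loaded at boot by <hook name>, which runs /usr/bin/eofirewall load`. The template is still installed from `firewall.conf` into `/etc/firewall`, so the old name survives on purpose there; a one-line comment noting that these paths deliberately do not follow `$(NAME)` would prevent a later "cleanup" from moving the configuration. The body of `clean:` lies outside the hunk.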
diff --git a/firewall b/eofirewall
index cf626c0..fc90561 100755
--- a/firewall
+++ b/eofirewall
@@ -1,18 +1,8 @@
#!/bin/bash
-### BEGIN INIT INFO
-# Provides: firewall
-# Required-Start: $remote_fs $syslog $network
-# Required-Stop: $remote_fs $syslog $network
-# Default-Start: 2 3 4 5
-# Default-Stop: 0 1 6
-# Short-Description: Iptables firewall
-# Description: An iptables firewall
-### END INIT INFO
-
. /lib/lsb/init-functions
-NAME="firewall"
+NAME="eofirewall"
abort()
{
@@ -353,50 +343,58 @@ start()
}
+load()
+{
+ log_daemon_msg "Loading rules from /etc/network/iptables-save"
+ if [ -f /etc/network/iptables-save ]; then
+ iptables-restore < /etc/network/iptables-save
+ else
+ log_warning_msg "No iptables rules saved please use test and save script options"
+ fi
+}
+
+test_rules()
+{
+ log_action_msg "Testing new rules"
+ log_action_msg "You have 30 seconds to test your new rules"
+ start || exit 1
+ log_end_msg 0
+ log_action_msg "... Please test your rules"
+ sleep 30
+ log_action_msg "---- The test is finished ----"
+ if [ -f /etc/network/iptables-save ]; then
+ iptables-restore < /etc/network/iptables-save
+ log_action_msg "Old rules restored"
+ else
+ flush
+ log_action_msg "Rules flushed"
+ fi
+ log_action_msg "If you are happy with this new rules please use save option"
+}
+
+
case "$1" in
- start|restore)
- log_daemon_msg "Starting firewall"
- if [ -f /etc/network/iptables-save ]; then
- iptables-restore < /etc/network/iptables-save
- else
- log_warning_msg "No iptables rules saved please use test and save script options"
- fi
- log_end_msg 0
- ;;
- stop)
- log_daemon_msg "Stopping firewall"
- clean || exit 1
- log_end_msg 0
+ load|restore)
+ load || exit 1
;;
test)
- log_action_msg "Testing new rules"
- log_action_msg "You have 30 seconds to test your new rules"
- start || exit 1
- log_end_msg 0
- log_action_msg "... Please test your rules"
- sleep 30
- log_action_msg "---- The test is finished ----"
- if [ -f /etc/network/iptables-save ]; then
- iptables-restore < /etc/network/iptables-save
- log_action_msg "Old rules restored"
- else
- flush
- log_action_msg "Rules flushed"
- fi
- log_action_msg "If you are happy with this new rules please use save option"
+ test_rules || exit 1
;;
save)
- log_action_msg "Starting and saving new rules"
+ log_daemon_msg "Loading new rules"
start || exit 1
+ log_daemon_msg "Saving new rules to /etc/network/iptables-save"
iptables-save > /etc/network/iptables-save
- log_end_msg 0
;;
flush)
- flush
+ flush || exit 1
+ ;;
+ clean)
+ clean || exit 1
;;
*)
- N=/etc/init.d/$NAME
- echo "Usage: $N {start|restore|save|test|stop}"
+ N=/usr/bin/$NAME
+ echo "Usage: $N {restore|load|save|test|clean|flush}"
exit 2
;;
esac
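Review bot: `load()` ends its `else` branch on `log_warning_msg`, which presumably returns 0, so when `/etc/network/iptables-save` is missing the `load || exit 1` in the `case` never fires and a caller cannot tell that no rules were applied; adding `return 1` after the warning would make that path fail visibly. In the `save)` branch, `iptables-save > /etc/network/iptables-save` truncates the stored ruleset before the dump runs, so a failed dump leaves an empty or partial file for the next `load`; writing to a temporary file first, `iptables-save > /etc/network/iptables-save.tmp && mv /etc/network/iptables-save.tmp /etc/network/iptables-save`, avoids that. `test_rules()` only rolls back if the script survives the `sleep 30`, so an interrupt or hangup during the wait would leave the untested rules active; a `trap` on INT, TERM and HUP that restores the saved rules (or calls `flush`) would close that gap.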