Changeset 85ae78e4e6a2069ffee336d33834a7eb84254ee1
- Timestamp:
- 09/19/09 18:40:33 (3 years ago)
- Author:
- Neutron Soutmun <neo.neutron@…>
- Children:
- 6bfc4df01c9d7a55c8cb20e27577efa910712d95
- Parents:
- da073f8a69753a15298bfde3407d5563594472db
- git-committer:
- Neutron Soutmun <neo.neutron@…> (09/19/09 18:40:33)
- Message:
-
Yet another fix firewall script for _ext_fw
- Keep the external interfaces list in state file for inter-call process
- Files:
-
Legend:
- Unmodified
- Added
- Removed
-
|
rda073f8
|
r85ae78e
|
|
| 17 | 17 | RUNDIR=@localstatedir@/run/rahunas-set |
| 18 | 18 | VSERVER_LIST=@localstatedir@/run/rahunas-vserver |
| | 19 | MAIN_EXT_IFACE_LIST=@localstatedir@/run/rahunas_ext_iface_list |
| 19 | 20 | |
| 20 | 21 | RUN_DAEMON=no |
| … |
… |
|
| 55 | 56 | MAIN_EXT_IFACE_PORTS_ALLOW=`get_config_value main external_iface_ports_allow $RAHUNAS_CONFIG` |
| 56 | 57 | MAIN_EXT_IFACE_PING_ACCEPT=`get_config_value main external_iface_ping_accept $RAHUNAS_CONFIG` |
| 57 | | MAIN_EXT_IFACE_LIST= |
| 58 | 58 | |
| 59 | 59 | if [ "$ENV_OVERRIDE" != "yes" ]; then |
| … |
… |
|
| 266 | 266 | for dev in $DEV_EXTERNAL_LIST; do |
| 267 | 267 | # Filter duplicated external interfaces |
| 268 | | if ! echo $MAIN_EXT_IFACE_LIST | grep $dev > /dev/null; then |
| 269 | | MAIN_EXT_IFACE_LIST=`echo "$MAIN_EXT_IFACE_LIST $dev"` |
| | 268 | if ! cat $MAIN_EXT_IFACE_LIST | grep $dev > /dev/null; then |
| | 269 | echo "$dev" >> $MAIN_EXT_IFACE_LIST |
| 270 | 270 | |
| 271 | 271 | $IPTABLES $action INPUT $DEV_IN_PARAM $dev -j ${NAME}_ext_fw |
| … |
… |
|
| 273 | 273 | done |
| 274 | 274 | else #stop |
| 275 | | for dev in $MAIN_EXT_IFACE_LIST; do |
| | 275 | for dev in `cat $MAIN_EXT_IFACE_LIST`; do |
| 276 | 276 | $IPTABLES $action INPUT $DEV_IN_PARAM $dev -j ${NAME}_ext_fw |
| | 277 | sed -i "/$dev/d" $MAIN_EXT_IFACE_LIST |
| 277 | 278 | done |
| 278 | 279 | fi |
