WebSVN – ALCASAR – Diff – /scripts/alcasar-iptables-bypass.sh

 #!/bin/bash
-# $Id: alcasar-iptables-bypass.sh 767 2011-11-11 08:00:07Z richard $
+# $Id: alcasar-iptables-bypass.sh 856 2012-04-10 11:32:34Z franck $
 # alcasar-iptables-bypass.sh
 # by Rexy - 3abtux
 # This script is distributed under the Gnu General Public License (GPL)
 # On autorise tout sur loopback
 # accept all on loopback
 $IPTABLES -A INPUT -i lo -j ACCEPT
+# Insertion de règles de blocage (Devel)
+# Here, we add block rules (Devel)
+if [ -s /usr/local/etc/alcasar-iptables-block ]; then
+    while read ip_blocked
+    do
+      echo "Network Address blocked : $ip_blocked"
+      $IPTABLES -A FORWARD -d $ip_blocked -j ULOG --ulog-prefix "RULE IP-blocked -- REJECT "
+      $IPTABLES -A FORWARD -d $ip_blocked -j REJECT
+      $IPTABLES -A FORWARD -s $ip_blocked -j ULOG --ulog-prefix "RULE IP-blocked -- REJECT "
+      $IPTABLES -A FORWARD -s $ip_blocked -j REJECT
+    done < /usr/local/etc/alcasar-iptables-block
+fi
 # on autorise les requêtes dhcp
 # accept dhcp
 $IPTABLES -A INPUT -i $INTIF -p udp -m udp --sport bootpc --dport bootps -j ACCEPT
 # On drop le broadcast et le multicast sur les interfaces (sans Log)

Subversion Repositories ALCASAR