WebSVN – ALCASAR – Diff – /scripts/alcasar-iptables.sh



#!/bin/bash
# $Id: alcasar-iptables.sh 3195 2024-04-23 22:39:48Z rexy $
# Script de mise en place des regles du parefeu d'Alcasar (mode normal)
# This script writes the netfilter rules for ALCASAR
# Rexy - 3abtux - CPN
#
# Reminders

SSH_WAN_ADMIN_FROM=$([ "$SSH_WAN_ADMIN_FROM" == "0.0.0.0" ] && echo "0.0.0.0/0" || echo "$SSH_WAN_ADMIN_FROM" )
SSH_LAN_ADMIN_FROM=`grep ^SSH_ADMIN_FROM= $CONF_FILE|cut -d"=" -f2|cut -d"/" -f1`
SSH_LAN_ADMIN_FROM=${SSH_LAN_ADMIN_FROM:="0.0.0.0"}
SSH_LAN_ADMIN_FROM=$([ "$SSH_LAN_ADMIN_FROM" == "0.0.0.0" ] && echo "$PRIVATE_NETWORK_MASK" || echo "$SSH_LAN_ADMIN_FROM" )
IPTABLES="/sbin/iptables"
REHABILITED_IP="/etc/e2guardian/lists/common/exceptioniplist"
ALLOWED_SITES="/usr/local/etc/alcasar-site-direct"			# WEB Sites allowed for all (no av and no filtering for av_bl users)
MULTIWAN=`grep ^MULTIWAN $CONF_FILE|cut -d"=" -f2`
PROXY=`grep ^PROXY= $CONF_FILE|cut -d"=" -f2`
PROXY_IP=`grep ^PROXY_IP= $CONF_FILE|cut -d"=" -f2`
nb_gw=`grep ^WAN $CONF_FILE|wc -l`

Rev 3193	Rev 3195
Line 1...	Line 1...
1	`#!/bin/bash`	1	`#!/bin/bash`
2	`# $Id: alcasar-iptables.sh 3193 2024-04-21 22:33:19Z rexy $`	2	`# $Id: alcasar-iptables.sh 3195 2024-04-23 22:39:48Z rexy $`
3	`# Script de mise en place des regles du parefeu d'Alcasar (mode normal)`	3	`# Script de mise en place des regles du parefeu d'Alcasar (mode normal)`
4	`# This script writes the netfilter rules for ALCASAR`	4	`# This script writes the netfilter rules for ALCASAR`
5	`# Rexy - 3abtux - CPN`	5	`# Rexy - 3abtux - CPN`
6	`#`	6	`#`
7	`# Reminders`	7	`# Reminders`
Line 51...	Line 51...
51	`SSH_WAN_ADMIN_FROM=$([ "$SSH_WAN_ADMIN_FROM" == "0.0.0.0" ] && echo "0.0.0.0/0" \|\| echo "$SSH_WAN_ADMIN_FROM" )`	51	`SSH_WAN_ADMIN_FROM=$([ "$SSH_WAN_ADMIN_FROM" == "0.0.0.0" ] && echo "0.0.0.0/0" \|\| echo "$SSH_WAN_ADMIN_FROM" )`
52	SSH_LAN_ADMIN_FROM=`grep ^SSH_ADMIN_FROM= $CONF_FILE\|cut -d"=" -f2\|cut -d"/" -f1`	52	SSH_LAN_ADMIN_FROM=`grep ^SSH_ADMIN_FROM= $CONF_FILE\|cut -d"=" -f2\|cut -d"/" -f1`
53	`SSH_LAN_ADMIN_FROM=${SSH_LAN_ADMIN_FROM:="0.0.0.0"}`	53	`SSH_LAN_ADMIN_FROM=${SSH_LAN_ADMIN_FROM:="0.0.0.0"}`
54	`SSH_LAN_ADMIN_FROM=$([ "$SSH_LAN_ADMIN_FROM" == "0.0.0.0" ] && echo "$PRIVATE_NETWORK_MASK" \|\| echo "$SSH_LAN_ADMIN_FROM" )`	54	`SSH_LAN_ADMIN_FROM=$([ "$SSH_LAN_ADMIN_FROM" == "0.0.0.0" ] && echo "$PRIVATE_NETWORK_MASK" \|\| echo "$SSH_LAN_ADMIN_FROM" )`
55	`IPTABLES="/sbin/iptables"`	55	`IPTABLES="/sbin/iptables"`
56	`REHABILITED_IP="/etc/e2guardian/lists/group1/exceptioniplist"`	56	`REHABILITED_IP="/etc/e2guardian/lists/common/exceptioniplist"`
57	`ALLOWED_SITES="/usr/local/etc/alcasar-site-direct" # WEB Sites allowed for all (no av and no filtering for av_bl users)`	57	`ALLOWED_SITES="/usr/local/etc/alcasar-site-direct" # WEB Sites allowed for all (no av and no filtering for av_bl users)`
58	MULTIWAN=`grep ^MULTIWAN $CONF_FILE\|cut -d"=" -f2`	58	MULTIWAN=`grep ^MULTIWAN $CONF_FILE\|cut -d"=" -f2`
59	PROXY=`grep ^PROXY= $CONF_FILE\|cut -d"=" -f2`	59	PROXY=`grep ^PROXY= $CONF_FILE\|cut -d"=" -f2`
60	PROXY_IP=`grep ^PROXY_IP= $CONF_FILE\|cut -d"=" -f2`	60	PROXY_IP=`grep ^PROXY_IP= $CONF_FILE\|cut -d"=" -f2`
61	nb_gw=`grep ^WAN $CONF_FILE\|wc -l`	61	nb_gw=`grep ^WAN $CONF_FILE\|wc -l`

Subversion Repositories ALCASAR

(root)/scripts/alcasar-iptables.sh @ 3042 – Rev 3193 → 3195