| Line 1... |
Line 1... |
| 1 |
#!/bin/sh
|
1 |
#!/bin/sh
|
| 2 |
#
|
2 |
#
|
| 3 |
# $Id: alcasar-iptables-local.sh 2716 2019-03-11 21:21:45Z tom.houdayer $
|
3 |
# $Id: alcasar-iptables-local.sh 2740 2019-06-22 10:03:09Z rexy $
|
| 4 |
#
|
4 |
#
|
| 5 |
# Custom rules for ALCASAR firewall
|
5 |
# Custom rules for ALCASAR firewall
|
| 6 |
#
|
6 |
#
|
| 7 |
# Examples:
|
7 |
# Examples:
|
| 8 |
# - Local MAC addresses filtering (MAC are in '/usr/local/etc/alcasar-iptables-local-mac-filtered'. Format : aa:09:23:2f:4d:ee)
|
8 |
# - Local MAC addresses filtering (MAC are in '/usr/local/etc/alcasar-iptables-local-mac-filtered'. Format : aa:09:23:2f:4d:ee)
|
| Line 10... |
Line 10... |
| 10 |
# - allow SMTP from aLCASAR to an Internet server (SMTP_IP)
|
10 |
# - allow SMTP from aLCASAR to an Internet server (SMTP_IP)
|
| 11 |
# - PAT rules from Internet
|
11 |
# - PAT rules from Internet
|
| 12 |
# - Deny access to protected networks from internal LAN
|
12 |
# - Deny access to protected networks from internal LAN
|
| 13 |
# - Allow managers to access ACC from the external network
|
13 |
# - Allow managers to access ACC from the external network
|
| 14 |
# This script inherit of alcasar-iptables.sh variables : $INTIF, $EXTIF, $IPTABLES, etc
|
14 |
# This script inherit of alcasar-iptables.sh variables : $INTIF, $EXTIF, $IPTABLES, etc
|
| - |
|
15 |
# !!Beware, run the script "alcasar-iptables.sh" after changing this file.
|
| 15 |
|
16 |
|
| 16 |
# Local MAC addresses filtering (MAC are in '/usr/local/etc/alcasar-iptables-local-mac-filtered'. Format : aa:09:23:2f:4d:ee)
|
17 |
# Local MAC addresses filtering (MAC are in '/usr/local/etc/alcasar-iptables-local-mac-filtered'. Format : aa:09:23:2f:4d:ee)
|
| 17 |
if [ -s /usr/local/etc/alcasar-iptables-local-mac-filtered ]; then
|
18 |
if [ -s /usr/local/etc/alcasar-iptables-local-mac-filtered ]; then
|
| 18 |
while read mac_line
|
19 |
while read mac_line
|
| 19 |
do
|
20 |
do
|