| Line 1... |
Line 1... |
| 1 |
#!/bin/bash
|
1 |
#!/bin/bash
|
| 2 |
# $Id: alcasar-iptables.sh 3043 2022-07-22 17:10:23Z rexy $
|
2 |
# $Id: alcasar-iptables.sh 3044 2022-07-24 21:55:18Z rexy $
|
| 3 |
# Script de mise en place des regles du parefeu d'Alcasar (mode normal)
|
3 |
# Script de mise en place des regles du parefeu d'Alcasar (mode normal)
|
| 4 |
# This script writes the netfilter rules for ALCASAR
|
4 |
# This script writes the netfilter rules for ALCASAR
|
| 5 |
# Rexy - 3abtux - CPN
|
5 |
# Rexy - 3abtux - CPN
|
| 6 |
#
|
6 |
#
|
| 7 |
# Reminders
|
7 |
# Reminders
|
| Line 55... |
Line 55... |
| 55 |
ALLOWED_SITES="/usr/local/etc/alcasar-site-direct" # WEB Sites allowed for all (no av and no filtering for av_bl users)
|
55 |
ALLOWED_SITES="/usr/local/etc/alcasar-site-direct" # WEB Sites allowed for all (no av and no filtering for av_bl users)
|
| 56 |
MULTIWAN=`grep ^MULTIWAN $CONF_FILE|cut -d"=" -f2`
|
56 |
MULTIWAN=`grep ^MULTIWAN $CONF_FILE|cut -d"=" -f2`
|
| 57 |
PROXY=`grep ^PROXY= $CONF_FILE|cut -d"=" -f2`
|
57 |
PROXY=`grep ^PROXY= $CONF_FILE|cut -d"=" -f2`
|
| 58 |
PROXY_IP=`grep ^PROXY_IP= $CONF_FILE|cut -d"=" -f2`
|
58 |
PROXY_IP=`grep ^PROXY_IP= $CONF_FILE|cut -d"=" -f2`
|
| 59 |
nb_gw=`grep ^WAN $CONF_FILE|wc -l`
|
59 |
nb_gw=`grep ^WAN $CONF_FILE|wc -l`
|
| 60 |
HOST=`grep ^HOSTNAME= $CONF_FILE|cut -d"=" -f2`
|
- |
|
| 61 |
DOM=`grep ^DOMAIN= $CONF_FILE|cut -d"=" -f2`
|
- |
|
| 62 |
DOMAIN="$HOST.$DOM"
|
- |
|
| 63 |
|
60 |
|
| 64 |
# Allow requests to internal DNS if activated
|
61 |
# Allow requests to internal DNS if activated
|
| 65 |
if [ "$INT_DNS_ACTIVE" = "on" ]
|
62 |
if [ "$INT_DNS_ACTIVE" = "on" ]
|
| 66 |
then
|
63 |
then
|
| 67 |
DNSSERVERS="$DNSSERVERS,$INT_DNS_IP"
|
64 |
DNSSERVERS="$DNSSERVERS,$INT_DNS_IP"
|