Opensource.Platon.SK CVS: scripts/shell/firewall/fw-off.sh - diff

   Up to  [Platon] / scripts / shell / firewall
Diff for scripts/shell/firewall/fw-off.sh between version 1.1 and 1.2


version 1.1, 2003/08/03 14:11:32
version 1.2, 2006/08/09 11:50:19



Line 11 




Line 11 




 # Changelog:
 # Changelog:


 # 10/01/2002 - created
 # 10/01/2002 - created


 # 02/08/2003 - import into CVS
 # 02/08/2003 - import into CVS


 
 # 09/08/2006 - enhanced by Lubomir Host 'rajo' <rajo AT platon.sk> - simplification of rules removal


 #
 #


 
 


 # $Platon$
 # $Platon: scripts/shell/firewall/fw-off.sh,v 1.1 2003/08/03 14:11:32 nepto Exp $


 
 


 IPTABLES="/sbin/iptables"
 IPTABLES="/sbin/iptables"


 
 


 function delete_chain()
 for chain in INPUT OUTPUT FORWARD; do


 {
         $IPTABLES -t filter -P $chain ACCEPT


         echo -n "$1/$2: ";
 done


         while [ -z "`$IPTABLES -t $1 -D $2 1 2>&1 `" ]; do
 


                 echo -n "#"
 for chain in PREROUTING POSTROUTING OUTPUT; do


         done
         $IPTABLES -t nat -P $chain ACCEPT


         echo " OK";
 done


 }
 


 
 for chain in PREROUTING INPUT FORWARD OUTPUT POSTROUTING; do


 $IPTABLES -t filter -P INPUT ACCEPT
         $IPTABLES -t mangle -P $chain ACCEPT


 $IPTABLES -t filter -P OUTPUT ACCEPT
 done


 $IPTABLES -t filter -P FORWARD ACCEPT
 


 
 for table in filter nat mangle; do


 delete_chain filter INPUT;
         iptables -F -t $table


 delete_chain filter OUTPUT;
         iptables -X -t $table


 delete_chain filter FORWARD;
 done


 delete_chain filter IN_FW;
 


 delete_chain filter spoofing;
 


 delete_chain filter syn-flood;
 


 
 


 $IPTABLES -X IN_FW 2> /dev/null;
 


 $IPTABLES -X spoofing 2> /dev/null;
 


 $IPTABLES -X syn-flood 2> /dev/null;
 


 
 


 $IPTABLES -t nat -P PREROUTING ACCEPT
 


 $IPTABLES -t nat -P OUTPUT ACCEPT
 


 $IPTABLES -t nat -P POSTROUTING ACCEPT
 


 
 


 delete_chain nat PREROUTING;
 


 delete_chain nat OUTPUT;
 


 delete_chain nat POSTROUTING;
 


 
 


 $IPTABLES -t mangle -P PREROUTING ACCEPT
 


 $IPTABLES -t mangle -P OUTPUT ACCEPT
 


 
 


 delete_chain mangle PREROUTING;
 


 delete_chain mangle OUTPUT;
 


 
 









Legend:


Removed from v.1.1
 


changed lines


 
Added in v.1.2


















Platon Group <platon@platon.org> http://platon.org/
  Up to  [Platon] / scripts / shell / firewall
-version 1.1, 2003/08/03 14:11:32
+version 1.2, 2006/08/09 11:50:19
 Line 11
 Line 11
 Line 11
  # Changelog:
  # 10/01/2002 - created
  # 02/08/2003 - import into CVS
+ # 09/08/2006 - enhanced by Lubomir Host 'rajo' <rajo AT platon.sk> - simplification of rules removal
  #
- # $Platon$
+ # $Platon: scripts/shell/firewall/fw-off.sh,v 1.1 2003/08/03 14:11:32 nepto Exp $
  IPTABLES="/sbin/iptables"
- function delete_chain()
+ for chain in INPUT OUTPUT FORWARD; do
- {
+         $IPTABLES -t filter -P $chain ACCEPT
-         echo -n "$1/$2: ";
+ done
-         while [ -z "`$IPTABLES -t $1 -D $2 1 2>&1 `" ]; do
-                 echo -n "#"
+ for chain in PREROUTING POSTROUTING OUTPUT; do
-         done
+         $IPTABLES -t nat -P $chain ACCEPT
-         echo " OK";
+ done
- }
+ for chain in PREROUTING INPUT FORWARD OUTPUT POSTROUTING; do
- $IPTABLES -t filter -P INPUT ACCEPT
+         $IPTABLES -t mangle -P $chain ACCEPT
- $IPTABLES -t filter -P OUTPUT ACCEPT
+ done
- $IPTABLES -t filter -P FORWARD ACCEPT
+ for table in filter nat mangle; do
- delete_chain filter INPUT;
+         iptables -F -t $table
- delete_chain filter OUTPUT;
+         iptables -X -t $table
- delete_chain filter FORWARD;
+ done
- delete_chain filter IN_FW;
- delete_chain filter spoofing;
- delete_chain filter syn-flood;
- $IPTABLES -X IN_FW 2> /dev/null;
- $IPTABLES -X spoofing 2> /dev/null;
- $IPTABLES -X syn-flood 2> /dev/null;
- $IPTABLES -t nat -P PREROUTING ACCEPT
- $IPTABLES -t nat -P OUTPUT ACCEPT
- $IPTABLES -t nat -P POSTROUTING ACCEPT
- delete_chain nat PREROUTING;
- delete_chain nat OUTPUT;
- delete_chain nat POSTROUTING;
- $IPTABLES -t mangle -P PREROUTING ACCEPT
- $IPTABLES -t mangle -P OUTPUT ACCEPT
- delete_chain mangle PREROUTING;
- delete_chain mangle OUTPUT;
 Legend:


Removed from v.1.1
 


changed lines


 
Added in v.1.2
 Legend:


Removed from v.1.1
 


changed lines


 
Added in v.1.2
-Removed from v.1.1
+Added in v.1.2


Copyright © 2002-2006 Platon Group Site powered by Metafox CMS	Go to Top