version 2.112, 2016/07/06 22:47:03 |
version 2.115, 2018/06/28 22:46:00 |
|
|
# Provides: firewall |
# Provides: firewall |
# Required-Start: $network |
# Required-Start: $network |
# Required-Stop: $remote_fs |
# Required-Stop: $remote_fs |
# Default-Start: S |
# Default-Start: 2 3 4 5 |
# Default-Stop: 0 6 |
# Default-Stop: 0 6 |
# Short-Description: Starts firewall |
# Short-Description: Starts firewall |
# Description: Handle universal firewall script by Platon Group |
# Description: Handle universal firewall script by Platon Group |
# http://platon.sk/cvs/cvs.php/scripts/shell/firewall/ |
# http://platon.sk/cvs/cvs.php/scripts/shell/firewall/ |
# Author: Lubomir Host <rajo@platon.sk> |
# Author: Lubomir Host <rajo@platon.sk> |
# Copyright: (c) 2003-2011 Platon Group |
# Copyright: (c) 2003-2018 Platon Group |
### END INIT INFO |
### END INIT INFO |
|
|
# |
# |
|
|
# Can be started by init or by hand. |
# Can be started by init or by hand. |
# |
# |
# Developed by Lubomir Host 'rajo' <rajo AT platon.sk> |
# Developed by Lubomir Host 'rajo' <rajo AT platon.sk> |
# Copyright (c) 2003-2011 Platon Group, http://platon.sk/ |
# Copyright (c) 2003-2018 Platon Group, http://platon.sk/ |
# Licensed under terms of GNU General Public License. |
# Licensed under terms of GNU General Public License. |
# All rights reserved. |
# All rights reserved. |
# |
# |
# $Platon: scripts/shell/firewall/fw-universal.sh,v 2.111 2016/05/05 23:54:19 nepto Exp $ |
# $Platon: scripts/shell/firewall/fw-universal.sh,v 2.114 2018/06/28 16:50:18 nepto Exp $ |
# |
# |
# Changelog: |
# Changelog: |
# 2003-10-24 - created |
# 2003-10-24 - created |
# 2011-07-20 - implemented XEN_MODE |
# 2011-07-20 - implemented XEN_MODE |
|
# 2018-03-01 - fixed Default-Start for SystemD on Stretch (nepto) |
# |
# |
|
|
|
|
Line 1617 shaping_status() |
|
Line 1618 shaping_status() |
|
|
|
add_banned_ip() |
add_banned_ip() |
{ # {{{ |
{ # {{{ |
echo "# `date '+%Y-%m-%d %X' `" >> $DEFAULT_FIREWALL_CONFIG_DIR/BANNED_IP.conf |
echo "# `date '+%F %T'`" >> $DEFAULT_FIREWALL_CONFIG_DIR/BANNED_IP.conf |
TMPFILE=`mktemp -t fw-universal.sh-XXXXXX` || exit 1 |
TMPFILE=`mktemp -t fw-universal.sh-XXXXXX` || exit 1 |
trap 'rm -f $TMPFILE' 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 |
trap 'rm -f $TMPFILE' 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 |
if [ -z "$*" ]; then |
if [ -z "$*" ]; then |
|
|
drop_output |
drop_output |
allow_output |
allow_output |
allow_icmp |
allow_icmp |
echo "----[ INCOMMING TRAFFIC ]------------------------------------------------" |
print_info "----[ INCOMMING TRAFFIC ]------------------------------------------------" |
drop_input |
drop_input |
reject_input |
reject_input |
allow_input |
allow_input |