version 2.61, 2009/01/17 01:16:43 |
version 2.62, 2009/01/17 01:31:26 |
|
|
# Licensed under terms of GNU General Public License. |
# Licensed under terms of GNU General Public License. |
# All rights reserved. |
# All rights reserved. |
# |
# |
# $Platon: scripts/shell/firewall/fw-universal.sh,v 2.60 2009-01-17 01:09:03 nepto Exp $ |
# $Platon: scripts/shell/firewall/fw-universal.sh,v 2.61 2009-01-17 01:16:43 rajo Exp $ |
# |
# |
# Changelog: |
# Changelog: |
# 2003-10-24 - created |
# 2003-10-24 - created |
Line 70 IFCONFIG="${IFCONFIG:=/sbin/ifconfig}" |
|
Line 70 IFCONFIG="${IFCONFIG:=/sbin/ifconfig}" |
|
DEPMOD="${DEPMOD:=/sbin/depmod}" |
DEPMOD="${DEPMOD:=/sbin/depmod}" |
MODPROBE="${MODPROBE:=/sbin/modprobe}" |
MODPROBE="${MODPROBE:=/sbin/modprobe}" |
RMMOD="${RMMOD:=/sbin/rmmod}" |
RMMOD="${RMMOD:=/sbin/rmmod}" |
AWK="${AWK:=/usr/bin/awk}" |
AWK="${AWK:=/usr/bin/gawk}" |
PERL="${PERL:=/usr/bin/perl}" |
PERL="${PERL:=/usr/bin/perl}" |
|
|
# shaping |
# shaping |
Line 105 TRACEROUTE_DEST_PORTS="33434:33523" # Tr |
|
Line 105 TRACEROUTE_DEST_PORTS="33434:33523" # Tr |
|
# allow some ICMP packets - needed for ping etc. |
# allow some ICMP packets - needed for ping etc. |
ACCEPT_ICMP_PACKETS="${ACCEPT_ICMP_PACKETS:=echo-reply destination-unreachable echo-request time-exceeded}" |
ACCEPT_ICMP_PACKETS="${ACCEPT_ICMP_PACKETS:=echo-reply destination-unreachable echo-request time-exceeded}" |
|
|
|
# check if all required tools are installed |
|
check_tools() |
|
{ # {{{ |
|
[ -x $AWK ] || echo "AWK not found: please install gawk" && exit 1; |
|
[ -x $PERL ] || echo "PERL not found: please install perl" && exit 1; |
|
[ -x $IPTABLES ] || echo "IPTABLES not found: please install iptables" && exit 1; |
|
[ -x $IPTABLES_SAVE ] || echo "IPTABLES_SAVE not found: please install iptables" && exit 1; |
|
[ -x $IPTABLES_RESTORE ] || echo "IPTABLES_RESTORE not found: please install iptables" && exit 1; |
|
} # }}} |
|
|
print_first() |
print_first() |
{ # {{{ |
{ # {{{ |
Line 119 get_first_ip_addr() |
|
Line 128 get_first_ip_addr() |
|
|
|
read_config_ips() |
read_config_ips() |
{ # {{{ |
{ # {{{ |
PARSE_CONFIG=$1 perl -ne 'if (m/^\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}\/(\d+)$/g) { print; } elsif ($_ !~ m/^\s*#/ && $_ !~ m/^\s*$/ ) { print STDERR "ERROR: $ENV{PARSE_CONFIG}:$.: ignored string $_\n"; }' $1 |
PARSE_CONFIG=$1 $PERL -ne 'if (m/^\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}\/(\d+)$/g) { print; } elsif ($_ !~ m/^\s*#/ && $_ !~ m/^\s*$/ ) { print STDERR "ERROR: $ENV{PARSE_CONFIG}:$.: ignored string $_\n"; }' $1 |
} # }}} |
} # }}} |
|
|
# load necessary modules from $MODULES variable |
# load necessary modules from $MODULES variable |
Line 175 unload_modules() |
|
Line 184 unload_modules() |
|
fi |
fi |
} # }}} |
} # }}} |
|
|
# helper function for string padding |
|
str_pad_right() |
|
{ # {{{ |
|
num="$1"; |
|
string="$2"; |
|
count=$(echo -n "$string" | wc -c); |
|
count=$((count + 0)) |
|
while [ $count -lt $num ]; do |
|
string="$string "; |
|
count=$((count + 1)); |
|
done |
|
echo -n "$string" |
|
return; |
|
} # }}} |
|
|
|
pad7() { str_pad_right 7 "$1"; } |
|
pad15() { str_pad_right 15 "$1"; } |
|
|
|
# print status of detected interfaces |
# print status of detected interfaces |
print_iface_status() |
print_iface_status() |
{ # {{{ |
{ # {{{ |
Line 1235 printf "interfaces=\"%s\"; export inter |
|
Line 1226 printf "interfaces=\"%s\"; export inter |
|
|
|
} # }}} |
} # }}} |
|
|
|
# helper function for string padding |
|
str_pad_right() |
|
{ # {{{ |
|
num="$1"; |
|
string="$2"; |
|
count=$(echo -n "$string" | wc -c); |
|
count=$((count + 0)) |
|
while [ $count -lt $num ]; do |
|
string="$string "; |
|
count=$((count + 1)); |
|
done |
|
echo -n "$string" |
|
return; |
|
} # }}} |
|
|
|
pad7() { str_pad_right 7 "$1"; } |
|
pad15() { str_pad_right 15 "$1"; } |
|
|
|
|
|
check_tools |
parse_ifconfig |
parse_ifconfig |
print_iface_status |
print_iface_status |
|
|