author | Starfall <us@starfall.systems> | 2024-01-08 09:40:24 -0600 |
---|---|---|
committer | Starfall <us@starfall.systems> | 2024-01-08 09:40:24 -0600 |
commit | a91d41375fc87c958f0b4b2ec09d5bfa2bab9414 (patch) | |
tree | 5ecf2d3f5b5962bb2d317ad4ce1fddd88e8b0ed7 /noarch/firewall-fedora |
Diffstat (limited to 'noarch/firewall-fedora')
-rwxr-xr-x | noarch/firewall-fedora | 59 |
1 files changed, 59 insertions, 0 deletions
diff --git a/noarch/firewall-fedora b/noarch/firewall-fedora
new file mode 100755
index 0000000..7a54192
--- /dev/null
+++ b/noarch/firewall-fedora
@@ -0,0 +1,59 @@
+IPTABLES_SERVICE_NAME_4="iptables"
+IPTABLES_SERVICE_NAME_6="ip6tables"
+
+IPTABLES_BIN_PATH="/sbin"
+
+rule_template() {
+ echo "INPUT -p udp --sport 161 --dport $1 -j ACCEPT"
+}
+
+add_rules_iptables() {
+# $1 - iptables(ip6tables)
+# $2 - port
+ "${IPTABLES_BIN_PATH}/$1" "-I" `rule_template $2`
+}
+
+delete_rules_iptables() {
+# $1 - iptables(ip6tables)
+# $2 - port
+ "${IPTABLES_BIN_PATH}/$1" "-D" `rule_template $2`
+}
+
+save_rules_iptables() {
+ service "$1"-save > "$2"
+}
+
+change_rules_fedora() {
+ local ACTION=$1 # delete or add
+ local NAME=$2 # iptables(iptables6) restart service
+ local PORT=$3
+
+ # add or delete new rules to ip(6)tables
+ # first, delete old rules
+ # in order to avoid repeated rules
+ delete_rules_iptables "$NAME" "$PORT"
+ if [ "$ACTION" = "add" ] ; then
+ add_rules_iptables "$NAME" "$PORT"
+ fi
+
+ # save all rules to configfile
+ service "$NAME" save
+}
+
+plug_hifw_fedora() {
+ log_message "delete_rules_throught_Fedora_RH"
+
+ change_rules_fedora "delete" "$IPTABLES_SERVICE_NAME_4" "$1"
+ change_rules_fedora "delete" "$IPTABLES_SERVICE_NAME_6" "$1"
+}
+
+make_hifw_fedora() {
+# mhifw - make hole in firewall for Fedora and RH distr
+# add rules to iptables, then save new rules in /etc/systocfig/ip(6)tables
+ change_rules_fedora "add" "$IPTABLES_SERVICE_NAME_4" "$1"
+ local RESULT="$?"
+ change_rules_fedora "add" "$IPTABLES_SERVICE_NAME_6" "$1"
+
+ return $RESULT
+}
+
|
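Review bot: The rule built in `rule_template` matches only on `--sport 161`, and the source port is chosen by the sender, so once `make_hifw_fedora` runs, any host can reach the opened UDP port by sending from port 161; `-I` also puts the rule at the top of INPUT, ahead of whatever filtering is already there. If the peers are known, the template should carry a source restriction such as `-s <peer-address>` (placeholder), or replies should be admitted through connection tracking instead of a standing ACCEPT. The port argument is also expanded unquoted through the backticks into the iptables argv in `add_rules_iptables` and `delete_rules_iptables`, so a value containing spaces turns into extra iptables options; a guard like `case "$PORT" in ''|*[!0-9]*) return 1 ;; esac` after the `local` lines in `change_rules_fedora` would reject anything that is not a plain number. Separately, `make_hifw_fedora` returns only the IPv4 status and `change_rules_fedora` returns the status of `service "$NAME" save`, so a failed ip6tables or `-I` call goes unreported, and that save persists the entire running ruleset rather than only this rule.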