webadmin/bpfire
1
0
Fork 0
mirror of https://github.com/vincentmli/bpfire.git synced 2026-04-12 12:15:52 +02:00
Code Issues Packages Projects Releases Wiki Activity

firewall: Align chain name to Collectd configuration

Browse Source 
This fixes broken firewall hits graphs.

Cc: Michael Tremer <michael.tremer@ipfire.org>
Signed-off-by: Peter Müller <peter.mueller@ipfire.org>
This commit is contained in:
Peter Müller
2022-01-29 17:59:31 +00:00
parent 1b939d0ecc
commit 37a9a0ba03
1 changed files with 7 additions and 9 deletions
Download Patch File Download Diff File Expand all files Collapse all files

16
src/initscripts/system/firewall
View File

@@ -141,17 +141,15 @@ iptables_init() {
# Log and drop any traffic from and to networks known as being hostile, posing
# a technical threat to our users (i. e. listed at Spamhaus DROP et al.)
iptables -N DROP_HOSTILE
iptables -N HOSTILE
if [ "$DROPHOSTILE" == "on" ]; then
iptables -A DROP_HOSTILE -m limit --limit 10/second -j LOG --log-prefix "DROP_HOSTILE "
iptables -A INPUT -i $IFACE -m geoip --src-cc XD -j DROP_HOSTILE
iptables -A FORWARD -i $IFACE -m geoip --src-cc XD -j DROP_HOSTILE
iptables -A FORWARD -o $IFACE -m geoip --dst-cc XD -j DROP_HOSTILE
iptables -A OUTPUT -o $IFACE -m geoip --src-cc XD -j DROP_HOSTILE
iptables -A DROP_HOSTILE -j DROP -m comment --comment "DROP_HOSTILE"
iptables -A HOSTILE -m limit --limit 10/second -j LOG --log-prefix "DROP_HOSTILE "
iptables -A INPUT -i $IFACE -m geoip --src-cc XD -j HOSTILE
iptables -A FORWARD -i $IFACE -m geoip --src-cc XD -j HOSTILE
iptables -A FORWARD -o $IFACE -m geoip --dst-cc XD -j HOSTILE
iptables -A OUTPUT -o $IFACE -m geoip --src-cc XD -j HOSTILE
fi
iptables -A HOSTILE -j DROP -m comment --comment "DROP_HOSTILE"
# P2PBLOCK
iptables -N P2PBLOCK