webadmin/bpfire
1
0
Fork 0
mirror of https://github.com/vincentmli/bpfire.git synced 2026-04-17 06:23:00 +02:00
Code Issues Packages Projects Releases Wiki Activity

Forward Firewall: First part of adding OUTGOING to th efirewall

Browse Source
This commit is contained in:
Alexander Marx
2013-02-17 13:58:35 +01:00
committed by Michael Tremer
parent d7127db8fb
commit 5d7faa4518
11 changed files with 126 additions and 65 deletions
Download Patch File Download Diff File Expand all files Collapse all files

10
src/initscripts/init.d/firewall
View File

@@ -153,6 +153,7 @@ case "$1" in
/sbin/iptables -N OUTGOINGFW
/sbin/iptables -N OUTGOINGFWMAC
/sbin/iptables -A OUTPUT -j OUTGOINGFW
/sbin/iptables -A OUTGOINGFW -m state --state ESTABLISHED,RELATED -j ACCEPT
/sbin/iptables -t nat -N CUSTOMPREROUTING
/sbin/iptables -t nat -A PREROUTING -j CUSTOMPREROUTING
/sbin/iptables -t nat -N CUSTOMPOSTROUTING
@@ -295,10 +296,13 @@ case "$1" in
#/sbin/iptables -A FORWARD -j DROP -m comment --comment "DROP_FORWARD"
#POLICY CHAIN
/sbin/iptables -N POLICY
/sbin/iptables -A FORWARD -j POLICY
/sbin/iptables -N POLICYFWD
/sbin/iptables -A FORWARD -j POLICYFWD
/sbin/iptables -N POLICYOUT
/sbin/iptables -A OUTPUT -j POLICYOUT
/usr/sbin/firewall-forward-policy
/usr/sbin/firewall-policy
;;
startovpn)
# run openvpn