webadmin/bpfire
1
0
Fork 0
mirror of https://github.com/vincentmli/bpfire.git synced 2026-04-14 04:52:59 +02:00
Code Issues Packages Projects Releases Wiki Activity

Merge branch 'outgoingfw' into next

Browse Source
This commit is contained in:
Michael Tremer
2012-08-24 15:29:29 +02:00
parent e967320c35 4e2bce1804
commit 890f0b12f7
2 changed files with 8 additions and 10 deletions
Download Patch File Download Diff File Expand all files Collapse all files

17
config/outgoingfw/outgoingfw.pl
View File

@@ -73,7 +73,6 @@ my $PROTO = "";
my $DPORT = "";
my $DEV = "";
my $MAC = "";
my $POLICY = "";
my $DO = "";
my $DAY = "";
@@ -90,11 +89,9 @@ close FILE;
if ( $outfwsettings{'POLICY'} eq 'MODE1' ) {
$outfwsettings{'STATE'} = "ALLOW";
$POLICY = "DROP";
$DO = "ACCEPT";
$DO = "RETURN";
} elsif ( $outfwsettings{'POLICY'} eq 'MODE2' ) {
$outfwsettings{'STATE'} = "DENY";
$POLICY = "ACCEPT";
$DO = "DROP -m comment --comment 'DROP_OUTGOINGFW '";
}
@@ -112,13 +109,13 @@ if ( $outfwsettings{'POLICY'} eq 'MODE0' ) {
}
if ( $outfwsettings{'POLICY'} eq 'MODE1' ) {
$CMD = "/sbin/iptables -A OUTGOINGFW -m state --state ESTABLISHED,RELATED -j ACCEPT";
$CMD = "/sbin/iptables -A OUTGOINGFW -m state --state ESTABLISHED,RELATED -j RETURN";
if ($DEBUG) { print "$CMD\n"; } else { system("$CMD"); }
$CMD = "/sbin/iptables -A OUTGOINGFWMAC -m state --state ESTABLISHED,RELATED -j ACCEPT";
$CMD = "/sbin/iptables -A OUTGOINGFWMAC -m state --state ESTABLISHED,RELATED -j RETURN";
if ($DEBUG) { print "$CMD\n"; } else { system("$CMD"); }
$CMD = "/sbin/iptables -A OUTGOINGFW -p icmp -j ACCEPT";
$CMD = "/sbin/iptables -A OUTGOINGFW -p icmp -j RETURN";
if ($DEBUG) { print "$CMD\n"; } else { system("$CMD"); }
$CMD = "/sbin/iptables -A OUTGOINGFWMAC -p icmp -j ACCEPT";
$CMD = "/sbin/iptables -A OUTGOINGFWMAC -p icmp -j RETURN";
if ($DEBUG) { print "$CMD\n"; } else { system("$CMD"); }
}
@@ -260,7 +257,7 @@ foreach $p2pentry (sort @p2ps)
$P2PSTRING = "$P2PSTRING --$p2pline[1]";
}
} else {
$DO = "ACCEPT";
$DO = "RETURN";
if ("$p2pline[2]" eq "on") {
$P2PSTRING = "$P2PSTRING --$p2pline[1]";
}
@@ -290,4 +287,4 @@ if ( $outfwsettings{'POLICY'} eq 'MODE1' ) {
} else {
system("$CMD");
}
}
}

1
config/rootfiles/core/62/filelists/files
View File

@@ -2,3 +2,4 @@ etc/system-release
etc/issue
srv/web/ipfire/cgi-bin/connections.cgi
usr/lib/gconv
var/ipfire/outgoing/bin/outgoingfw.pl