|
|
@@ -152,10 +152,7 @@ fi
|
|
|
|
|
|
eval set -- "$options"
|
|
|
|
|
|
-IT_INPUT=INPUT
|
|
|
-IT_INPUT_LOG=LOGINPUT
|
|
|
-IT_OUTPUT=OUTPUT
|
|
|
-IT_OUTPUT_LOG=LOGOUTPUT
|
|
|
+. /etc/lfirewall/setup
|
|
|
|
|
|
verbose=0
|
|
|
logging=" "
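Review bot: The added `. /etc/lfirewall/setup` runs that file inside the script's own shell with no check that it exists or who can write to it. The script drives iptables and so presumably runs as root, which means anyone able to modify the file gets code execution at that privilege. I would guard the line with `[ -r /etc/lfirewall/setup ] || { echo "cannot read /etc/lfirewall/setup" >&2; exit 1; }` and add a comment that the file must be root-owned and not group- or world-writable. The second hunk also drops the fixed `PATH=/bin:/sbin:/usr/bin:/usr/sbin`; if the setup file does not set PATH itself (its contents are not visible here), every unqualified command would resolve through the caller's PATH. The enclosing script starts and ends outside this hunk.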
|
|
|
@@ -195,33 +192,6 @@ do
|
|
|
shift
|
|
|
done
|
|
|
|
|
|
-PATH=/bin:/sbin:/usr/bin:/usr/sbin
|
|
|
-
|
|
|
-#Defautl network interface
|
|
|
-NETWORK_IF=eth0
|
|
|
-
|
|
|
-# Services that the system will offer to the network
|
|
|
-TCP_SERVICES="22" # SSH only
|
|
|
-UDP_SERVICES=""
|
|
|
-# Services the system will use from the network
|
|
|
-REMOTE_TCP_SERVICES="80 443" # web browsing
|
|
|
-REMOTE_UDP_SERVICES="53" # DNS
|
|
|
-
|
|
|
-
|
|
|
-# Network that will be used for remote mgmt
|
|
|
-# (if undefined, no rules will be setup)
|
|
|
-# NETWORK_MGMT=192.168.0.0/24
|
|
|
-
|
|
|
-# Port used for the SSH service, define this is you have setup a
|
|
|
-# management network but remove it from TCP_SERVICES
|
|
|
-SSH_PORT="22"
|
|
|
-
|
|
|
-# Default IP_TABLES command path
|
|
|
-IP_TABLES="/sbin/iptables"
|
|
|
-IP_TABLES_RESTORE="/sbin/iptables-restore"
|
|
|
-IP_TABLES_RESTORE_6="/sbin/ip6tables-restore"
|
|
|
-IP_TABLES_SAVE="/sbin/iptables-save"
|
|
|
-IP_TABLES_SAVE_6="/sbin/ip6tables-save"
|
|
|
|
|
|
|
|
|
if ! [ -x $IP_TABLES ]; then
|
|
|
@@ -240,11 +210,6 @@ if ! [ -x $IP_TABLES_RESTORE_6 ]; then
|
|
|
fi
|
|
|
|
|
|
|
|
|
-CONFIGURATION_DIR=/etc/lfirewall
|
|
|
-CONFIGURATION_FILE=${CONFIGURATION_DIR}/lfirewall.conf
|
|
|
-CONFIGURATION_LOCAL_FILE=${CONFIGURATION_DIR}/lfirewall.conf.local
|
|
|
-USER_RULES_IPTABLES=${CONFIGURATION_DIR}/iptables-user.v4
|
|
|
-USER_RULES_IPTABLES_6=${CONFIGURATION_DIR}/iptables-user.v6
|
|
|
|
|
|
if [ -f $CONFIGURATION_FILE ] ; then
|
|
|
set +u
|