source: trunk/debian/package/debwrt-net/etc/firewall/firewall.sh @ 292

Last change on this file since 292 was 292, checked in by amain, 8 years ago

debwrt-net package added: this package will contain all DebWrt networking configuration

  • Property svn:executable set to *
File size: 934 bytes
#!/bin/sh
#
# Minimal firewall script
#
# Amain <amain@debwrt.net>
# LSB init helpers; the log_action_begin_msg / log_action_end_msg calls
# further down come from this file.
. /lib/lsb/init-functions

# Absolute path to the IPv4 iptables binary, so rule loading does not depend
# on the caller's PATH. Nothing in this script drives ip6tables.
IPT="/sbin/iptables"
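# Remove every rule (-F) and every user-defined chain (-X) from the filter
# and nat tables.
#
# Built-in chain policies are not touched by -F/-X and this script never
# sets them, so after a flush the host filters nothing unless a policy was
# set elsewhere (the kernel default policy is ACCEPT).
#
# All four commands are always attempted; a failure of any of them is
# reported to the caller instead of being masked by a later success.
#
# Globals:  IPT (read), flush_rc / flush_table (written; POSIX sh has no local)
# Returns:  0 if every iptables call succeeded, 1 otherwise
flush() {
    flush_rc=0
    for flush_table in filter nat; do
        "$IPT" -t "$flush_table" -F || flush_rc=1
        "$IPT" -t "$flush_table" -X || flush_rc=1
    done
    return "$flush_rc"
}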
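# Load the IPv4 ruleset: stateful filtering of traffic arriving on the "wan"
# interface, plus masquerading of traffic leaving through it.
#
# Effective policy once loaded:
#   - INPUT and FORWARD packets arriving on wan are accepted only in state
#     RELATED or ESTABLISHED; anything else arriving on wan is dropped.
#   - Packets arriving on any other interface match no rule here and fall
#     through to the chain policy, which this script never sets.
#   - Only iptables (IPv4) is driven; IPv6 on wan is not filtered here.
#
# NOTE(review): flush runs before the first rule is appended, so unless the
# chain policies are DROP, wan is unfiltered for the short time in between.
# Loading the whole ruleset in one step with iptables-restore would close
# that window.
#
# The result passed to log_action_end_msg reflects whether every iptables
# call succeeded, so a partially loaded ruleset is not reported as success.
#
# Globals:  IPT (read), start_rc (written; POSIX sh has no local)
# Returns:  0 if flush and every rule insertion succeeded, 1 otherwise
start() {
    start_rc=0

    flush || start_rc=1

    # Traffic addressed to the router itself. Rule order matters: the
    # stateful ACCEPT must precede the catch-all DROP for wan.
    "$IPT" -t filter -A INPUT \
        -m state --state RELATED,ESTABLISHED -i wan -j ACCEPT || start_rc=1
    "$IPT" -t filter -A INPUT -i wan -j DROP || start_rc=1

    # Traffic routed through the router from wan; same ordering constraint.
    "$IPT" -t filter -A FORWARD \
        -m state --state RELATED,ESTABLISHED -i wan -j ACCEPT || start_rc=1
    "$IPT" -t filter -A FORWARD -i wan -j DROP || start_rc=1

    # Static-address alternative to MASQUERADE, kept for reference:
    #$IPT -t nat    -A POSTROUTING -o wan -j SNAT --to-source "replace: WAN-IF-IP"
    "$IPT" -t nat -A POSTROUTING -o wan -j MASQUERADE || start_rc=1

    log_action_end_msg "$start_rc"
    return "$start_rc"
}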
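# Unload the ruleset by flushing the filter and nat tables.
#
# Stopping fails open: no DROP rule for wan remains afterwards, the
# MASQUERADE rule is gone too, and the chain policies are left as they were
# (the kernel default is ACCEPT). Treat "stop" as "firewall disabled", not as
# "traffic blocked".
#
# The result passed to log_action_end_msg is the real outcome of the flush
# rather than an unconditional success.
#
# Globals:  stop_rc (written; POSIX sh has no local)
# Returns:  0 if the flush succeeded, 1 otherwise
stop() {
    stop_rc=0
    flush || stop_rc=1
    log_action_end_msg "$stop_rc"
    return "$stop_rc"
}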
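# Entry point: dispatch on the first command-line argument.
# For start/stop the script's exit status is that of the function called.
case "${1:-}" in
    start)
        log_action_begin_msg 'Loading firewall - starting'
        start
        ;;
    stop)
        log_action_begin_msg 'Loading firewall - stopping'
        stop
        ;;
    *)
        # A missing or unknown action is an error: print usage on stderr and
        # exit 2 (the LSB status for invalid arguments) so a caller cannot
        # mistake a mistyped action for a loaded firewall.
        printf 'usage: %s start|stop\n' "${0##*/}" >&2
        exit 2
        ;;
esac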