f8d3e36efb
Signed-off-by: Nico Schottelius <nico@bento.schottelius.org>
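#!/bin/sh
# Nico Schottelius
# Zürisee, Mon Sep 2 18:38:27 CEST 2013
#
### BEGIN INIT INFO
# Provides: iptables
# Required-Start: $local_fs $remote_fs
# Required-Stop: $local_fs $remote_fs
# X-Start-Before: fail2ban
# Default-Start: 2 3 4 5
# Default-Stop: 0 1 6
# Short-Description: Applies iptables ruleset
# Description: Applies all rules found in /etc/iptables.d
# and saves/restores previous status
### END INIT INFO
#
# Usage: <script> {start|stop|restart}
#
#   start    snapshot the current ruleset with iptables-save, then run
#            iptables once per regular file in $basedir, using the file's
#            content as the argument list
#   stop     feed the snapshot back to iptables-restore, if one exists
#   restart  stop followed by start
#
# Exit status: 0 on success, 1 if the snapshot or any rule failed,
# 2 on an unknown action.
#
# Security note: the content of every rule file is word-split into
# iptables arguments and executed with this script's privileges, so
# $basedir and the files in it should be writable by the administrator
# only.

basedir=/etc/iptables.d
# Dotfile on purpose: the "*" glob below does not match it, so the snapshot
# is never mistaken for a rule file.
status="${basedir}/.pre-start"

case "$1" in
  start)
    rc=0

    # Save status. A failed save must not leave a truncated snapshot behind
    # that "stop" would later restore, so drop it and flag the failure; the
    # ruleset itself is still applied.
    # NOTE(review): a second "start" without a "stop" in between overwrites
    # the snapshot with the already modified ruleset.
    if ! iptables-save > "$status"; then
      echo "Could not save current iptables state to $status" >&2
      rm -f -- "$status"
      rc=1
    fi

    # Apply our ruleset. Without this check a failed cd would make the loop
    # below read whatever files are in the current directory as rules.
    if ! cd "$basedir"; then
      echo "Cannot change to $basedir, no rules applied" >&2
      exit 1
    fi

    for rule in *; do
      # Skips directories and the literal "*" left over when nothing matches
      [ -f "$rule" ] || continue

      echo "Applying iptables rule $rule ..."

      # Word splitting of the file content is intended (one argument per
      # word); pathname expansion is not, so disable globbing for the call.
      set -f
      # shellcheck disable=SC2046
      if ! iptables $(cat -- "$rule"); then
        echo "Failed to apply iptables rule $rule" >&2
        rc=1
      fi
      set +f
    done

    # Report a partially applied ruleset to the caller instead of exiting 0
    exit "$rc"
    ;;

  stop)
    # Restore from status before, if there is something to restore
    if [ -f "$status" ]; then
      iptables-restore < "$status"
    fi
    ;;

  restart)
    "$0" stop && "$0" start
    ;;

  *)
    echo "Usage: $0 {start|stop|restart}" >&2
    exit 2
    ;;
esac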