]> git.pld-linux.org Git - packages/filtergen.git/blob - filter.init
projects / packages / filtergen.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
This commit was manufactured by cvs2git to create tag 'STABLE'.
[packages/filtergen.git] / filter.init
1 #!/bin/sh
2 # ipchains/iptables rules generator
3 #
4 # chkconfig:    345 15 85
5 # description:  ipchains/iptables rules generator
6
7 # Source function library
8 . /etc/rc.d/init.d/functions
9
10 # Get network config
11 . /etc/sysconfig/network
12
13 # Get service config
14 CONFIG=/etc/filter/simple.conf
15 GEN_CONFIG=/etc/filter/generated_rules
16 SUBSYS=/var/lock/subsys/filter
17 [ -f /etc/sysconfig/filter ] && . /etc/sysconfig/filter
18
19 # Check that networking is up.
20 # if is_no "${NETWORKING}" ; then
21 #    msg_network_down "filter"
22 #       exit 1
23 # fi
24
25 confstatus() {
26    if [ ! -e $GEN_CONFIG ]; then
27       confstatus=3
28    elif [ $GEN_CONFIG -ot $CONFIG ]; then
29       confstatus=2
30    elif [ $SUBSYS -ot $GEN_CONFIG ]; then
31       confstatus=1
32    else
33       confstatus=0
34    fi
35 }
36
37 find_filter() {
38    iptables=`which iptables 2> /dev/null`
39    ipchains=`which ipchains 2> /dev/null`
40    if [ -n "$iptables" ]; then
41       filter=$iptables
42    elif [ -n "$ipchains" ]; then
43       filter=$ipchains
44    else
45       nls "ipchains/iptables not found. cannot continue"
46       exit 1
47       filter=
48    fi
49 }
50
51 # See how we were called.
52 case "$1" in
53   start)
54       confstatus
55       if [ $confstatus -ge 0 ]; then
56          if [ $confstatus -gt 0 ]; then
57             $0 init
58          fi
59          show "Setting filter rules"
60          busy
61          sh $GEN_CONFIG
62          RETVAL=$?
63          if [ $RETVAL = 0 ]; then
64             touch $SUBSYS
65             ok
66          else
67             fail
68          fi
69       fi
70       ;;
71   stop)
72   show "Flushing filter rules"
73       find_filter
74       $filter -F
75       RETVAL=$?
76       if [ $RETVAL = 0 ]; then
77          rm -f $SUBSYS
78          ok
79       else
80          fail
81       fi
82       ;;
83   init)
84       show "Generating $GEN_CONFIG"
85       find_filter
86       umask 077
87       filtergen $CONFIG `basename $filter` > $GEN_CONFIG
88       ;;
89   restart)
90       $0 stop
91       $0 start
92       ;;
93   status)
94       confstatus
95       case "$confstatus" in
96          3)
97          nls "$GEN_CONFIG not generated"
98          ;;
99          2)
100          nls "$GEN_CONFIG outdated"
101          ;;
102          1)
103          nls "$GEN_CONFIG not applied"
104          ;;
105          0)
106          nls "filter rules applied"
107          ;;
108       esac
109       ;;
110   *)
111       msg_Usage "$0 {start|stop|restart|init|status}"
112       exit 1
113       ;;
114 esac
115
116 exit $RETVAL
Simple packet filter generator
This page took 0.066661 seconds and 3 git commands to generate.