]>
Commit | Line | Data |
---|---|---|
62fc8511 AM |
1 | #!/bin/sh |
2 | ||
3 | eval $(/usr/local/bin/readhash /var/ipfire/forward/settings) | |
4 | eval $(/usr/local/bin/readhash /var/ipfire/optionsfw/settings) | |
5 | ||
6 | iptables -F POLICY | |
7 | ||
8 | if [ "$POLICY" == "MODE1" ]; then | |
9 | ||
10 | if [ "$FWPOLICY" == "REJECT" ]; then | |
11 | if [ "$DROPFORWARD" == "on" ]; then | |
12 | /sbin/iptables -A POLICY -m limit --limit 10/minute -j LOG --log-prefix "REJECT_FORWARD" | |
13 | fi | |
14 | /sbin/iptables -A POLICY -j REJECT --reject-with icmp-host-unreachable -m comment --comment "DROP_OUTPUT" | |
15 | fi | |
16 | if [ "$FWPOLICY" == "DROP" ]; then | |
17 | if [ "$DROPFORWARD" == "on" ]; then | |
18 | /sbin/iptables -A POLICY -m limit --limit 10/minute -j LOG --log-prefix "DROP_FORWARD" | |
19 | fi | |
20 | /sbin/iptables -A POLICY -j DROP -m comment --comment "DROP_OUTPUT" | |
21 | fi | |
22 | fi | |
23 | ||
24 |