Commit d17b01cd authored by Rafael Monnerat's avatar Rafael Monnerat

grandenet: Fix up grandenet script when set ip6tables

The ip6tables-save output can contains several entries (*filter, *raw, for diferent tables), try to append re6stnet specific configuration on the right location w/o break the content. 
parent 65352d27
...@@ -46,6 +46,7 @@ function configure { ...@@ -46,6 +46,7 @@ function configure {
printf '%s\n' "${configoptions[@]}" >> "${configfile}" printf '%s\n' "${configoptions[@]}" >> "${configfile}"
echo " echo "
*filter
:FORWARD ACCEPT [0:0] :FORWARD ACCEPT [0:0]
:OUTPUT DROP [0:0] :OUTPUT DROP [0:0]
-A INPUT -p udp -m udp --dport 6696 -j ACCEPT -A INPUT -p udp -m udp --dport 6696 -j ACCEPT
...@@ -54,6 +55,7 @@ function configure { ...@@ -54,6 +55,7 @@ function configure {
-A INPUT -p tcp -m tcp --dport 50005 -j ACCEPT -A INPUT -p tcp -m tcp --dport 50005 -j ACCEPT
-A OUTPUT -p udp -m udp --dport 6696 -j ACCEPT -A OUTPUT -p udp -m udp --dport 6696 -j ACCEPT
-A OUTPUT -p udp -m udp --dport 326 -j ACCEPT -A OUTPUT -p udp -m udp --dport 326 -j ACCEPT
COMMIT
" > "${configdir}/ip6tables.conf" " > "${configdir}/ip6tables.conf"
read -p "Save configuration on an external device [Y/n]? " save read -p "Save configuration on an external device [Y/n]? " save
...@@ -209,12 +211,8 @@ fi ...@@ -209,12 +211,8 @@ fi
# firewall configuration # firewall configuration
if [ -r "${configdir}/ip6tables.conf" ] ; then if [ -r "${configdir}/ip6tables.conf" ] ; then
# remove line containing "COMMIT"
sed -i '/COMMIT/d' "${configdir}/current_ip6tables.conf"
# add few rules # add few rules
cat "${configdir}/ip6tables.conf" >> "${configdir}/current_ip6tables.conf" cat "${configdir}/ip6tables.conf" >> "${configdir}/current_ip6tables.conf"
# putting "COMMIT" line back
echo "COMMIT" >> "${configdir}/current_ip6tables.conf"
ip6tables-restore < "${configdir}/current_ip6tables.conf" ip6tables-restore < "${configdir}/current_ip6tables.conf"
else else
# accept ports needed for re6stnet # accept ports needed for re6stnet
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment