Annotation of embedaddon/coova-chilli/conf/up.sh.in, revision 1.1
1.1 ! misho 1: #!/bin/sh
! 2: # Coova Chilli - David Bird <david@coova.com>
! 3: # Licensed under the GPL, see http://coova.org/
! 4: # up.sh /dev/tun0 192.168.0.10 255.255.255.0
! 5:
! 6: . @ETCCHILLI@/functions
! 7:
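# Undo the rules recorded by a previous run. The undo file is executed as a
# shell script with this script's privileges, so run it only when it is a
# regular file and not a symlink. @VARRUN@ should be writable by root only,
# otherwise anyone who can write there controls what gets executed here.
# NOTE(review): stderr is discarded, so a rule that fails to delete goes
# unnoticed.
if [ -f "@VARRUN@/chilli.iptables" ] && [ ! -L "@VARRUN@/chilli.iptables" ]; then
  sh "@VARRUN@/chilli.iptables" 2>/dev/null
fi
rm -f "@VARRUN@/chilli.iptables" 2>/dev/null

# Interface name without its directory part (a DEV of /dev/tun0 yields tun0).
# Quoted so a value with whitespace or glob characters stays one operand.
IF=$(basename "$DEV")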
! 12:
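# ipt OP RULE...
# Run "iptables OP RULE..." and append the matching "iptables -D RULE..."
# line to the undo file, which this script later executes with sh.
# Globals:   opt (written)
# Arguments: $1   - iptables operation (-A or -I in this script)
#            $2.. - chain and rule specification
# Returns:   exit status of iptables
# The undo line is written as plain text and later interpreted by sh, so
# every argument must come from trusted configuration and be free of shell
# metacharacters.
ipt() {
  opt=$1
  shift
  # Record the undo command before adding the rule, as the original did.
  printf '%s\n' "iptables -D $*" >> "@VARRUN@/chilli.iptables"
  # "$@" passes each argument through unchanged: no re-splitting, no globbing.
  iptables "$opt" "$@"
}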
! 18:
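# ipt_in RULE...
# Append an INPUT rule, restricted to the interface named by $IF, via ipt.
# Globals:   IF (read)
# Arguments: rule specification placed after "-A INPUT -i $IF"
# Returns:   exit status of ipt
ipt_in() {
  # Quoted so the interface name and each rule argument stay single words.
  ipt -A INPUT -i "$IF" "$@"
}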
! 22:
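# Firewall rules are installed only when a DHCP interface is configured.
# All values below come from the environment and end up in an undo file that
# is later run by sh, so they must originate from trusted configuration.
if [ -n "$DHCPIF" ]; then

  # Open the UAM ports on $ADDR; each is skipped when unset or 0.
  if [ -n "$UAMPORT" ] && [ "$UAMPORT" != "0" ]; then
    ipt_in -p tcp -m tcp --dport "$UAMPORT" --dst "$ADDR" -j ACCEPT
  fi

  if [ -n "$UAMUIPORT" ] && [ "$UAMUIPORT" != "0" ]; then
    ipt_in -p tcp -m tcp --dport "$UAMUIPORT" --dst "$ADDR" -j ACCEPT
  fi

  # Additional TCP ports opened on $ADDR. The test previously read
  # [ -n "HS_TCP_PORTS" ] (no $), which is always true.
  if [ -n "$HS_TCP_PORTS" ]; then
    # Unquoted on purpose: the value is a whitespace-separated list.
    for port in $HS_TCP_PORTS; do
      ipt_in -p tcp -m tcp --dport "$port" --dst "$ADDR" -j ACCEPT
    done
  fi

  # DHCP broadcasts (UDP 67-68) and DNS over UDP to $ADDR.
  ipt_in -p udp -d 255.255.255.255 --destination-port 67:68 -j ACCEPT
  ipt_in -p udp --dst "$ADDR" --dport 53 -j ACCEPT

  # Everything else arriving on $IF is dropped.
  ipt -A INPUT -i "$IF" --dst "$ADDR" -j DROP
  ipt -A INPUT -i "$IF" -j DROP

  # -I inserts at the head of the chain, so rules added later are evaluated
  # first, and all of these sit ahead of any FORWARD rule already present.
  # NOTE(review): iptables failures are not checked; if a DROP rule fails to
  # install, traffic it was meant to block is still forwarded.
  ipt -I FORWARD -i "$DHCPIF" -j DROP
  ipt -I FORWARD -o "$DHCPIF" -j DROP
  ipt -I FORWARD -i "$IF" -j ACCEPT
  ipt -I FORWARD -o "$IF" -j ACCEPT

  # Unless LAN access is enabled, drop traffic from $IF that would leave
  # through any interface other than the WAN interface.
  if [ "$HS_LAN_ACCESS" != "on" ] && [ "$HS_LAN_ACCESS" != "allow" ]; then
    if [ -n "$HS_WANIF" ]; then
      # NOTE(review): "-o ! IFACE" is the older negation form; newer iptables
      # releases expect "! -o IFACE" - confirm against the target version.
      ipt -I FORWARD -i "$IF" -o \! "$HS_WANIF" -j DROP
    else
      # Without a WAN interface name the rule cannot be built; report it
      # rather than passing iptables a malformed command and logging a broken
      # undo line.
      printf '%s\n' "up.sh: HS_WANIF is not set; LAN isolation rule not installed" >&2
    fi
  fi

  # Redirect client DNS queries (UDP 53) to $ADDR when local DNS is on.
  if [ "$HS_LOCAL_DNS" = "on" ]; then
    ipt -I PREROUTING -t nat -i "$IF" -p udp --dport 53 -j DNAT --to-destination "$ADDR"
  fi
fi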
! 54:
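# Optional site-specific hook. It is sourced into this shell, so it runs with
# the same privileges and sees every variable set above; keep the file
# root-owned and not writable by others.
# NOTE(review): when the hook is absent this list returns non-zero; if it is
# the last command run, that becomes the script's exit status.
[ -e "@ETCCHILLI@/ipup.sh" ] && . "@ETCCHILLI@/ipup.sh"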