Annotation of embedaddon/coova-chilli/conf/up.sh.in, revision 1.1.1.1
1.1 misho 1: #!/bin/sh
2: # Coova Chilli - David Bird <david@coova.com>
3: # Licensed under the GPL, see http://coova.org/
4: # up.sh /dev/tun0 192.168.0.10 255.255.255.0
5:
6: . @ETCCHILLI@/functions
7:
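# Undo the firewall rules recorded by the previous run, then discard the record.
# The record is written by ipt() below and is executed here by sh, so whatever
# it contains runs with this script's privileges.
# NOTE(review): confirm that @VARRUN@ is writable only by the account that runs
# this script; any other writer could place commands in the file.
# Errors are discarded, presumably because a recorded rule may already be gone.
if [ -e "@VARRUN@/chilli.iptables" ]; then
  sh "@VARRUN@/chilli.iptables" 2>/dev/null
fi
rm -f "@VARRUN@/chilli.iptables" 2>/dev/null

# Interface name without its directory part (e.g. /dev/tun0 -> tun0).
# DEV is not set in this file; presumably it is supplied by the caller or by
# the sourced functions file. Quoted so the value always stays one operand.
IF=$(basename "$DEV")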
12:
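# ipt OP RULE...
# Runs "iptables OP RULE..." and appends the matching delete command
# ("iptables -D RULE...") to @VARRUN@/chilli.iptables, which the next run of
# this script executes with sh to remove the rule again.
# Every recorded word is single-quoted: the record is parsed by a shell when it
# is replayed, so an unquoted ';', '$' or backquote in a rule argument would be
# interpreted as shell syntax instead of being handed to iptables.
# The delete command is recorded before iptables runs, whatever its result.
# Sets the globals opt and _ipt_word (plain sh has no local variables).
ipt() {
  opt=$1; shift
  # Split the remaining arguments into words exactly as the unquoted $* in the
  # iptables call did, so callers that pass several words in one argument keep
  # working. After this, "$@" is the word list iptables receives.
  set -- $*
  {
    printf 'iptables -D'
    for _ipt_word in "$@"; do
      case $_ipt_word in
        *\'*)
          # Embedded single quote: close the quoting, escape it, reopen ('\'').
          _ipt_word=$(printf '%s' "$_ipt_word" | sed "s/'/'\\\\''/g") ;;
      esac
      printf " '%s'" "$_ipt_word"
    done
    printf '\n'
  } >> "@VARRUN@/chilli.iptables"
  iptables $opt "$@"
}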
18:
# ipt_in RULE...
# Appends RULE to the INPUT chain, restricted to packets arriving on $IF, by
# delegating to ipt (which also records the matching delete command).
ipt_in() {
  # Left unquoted on purpose: $IF and the arguments are word-split here.
  set -- -A INPUT -i $IF $*
  ipt "$@"
}
22:
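# Firewall rules are installed only when a DHCP interface is configured.
# The variables used here (DHCPIF, ADDR, UAMPORT, UAMUIPORT, HS_*) are not set
# in this file; presumably they come from the sourced functions file or from
# the caller's environment.
# NOTE(review): none of these values is validated here, and ipt() records its
# arguments in a file that a later run executes with sh, so they should only
# ever come from trusted configuration.
if [ -n "$DHCPIF" ]; then

  # INPUT on $IF: accept TCP to the UAM port and the UAM UI port on $ADDR.
  # An unset port or the value 0 installs no rule.
  if [ -n "$UAMPORT" ] && [ "$UAMPORT" != "0" ]; then
    ipt_in -p tcp -m tcp --dport "$UAMPORT" --dst "$ADDR" -j ACCEPT
  fi

  if [ -n "$UAMUIPORT" ] && [ "$UAMUIPORT" != "0" ]; then
    ipt_in -p tcp -m tcp --dport "$UAMUIPORT" --dst "$ADDR" -j ACCEPT
  fi

  # Additional TCP ports to accept on $ADDR, given as a whitespace-separated
  # list. The test previously lacked the '$', so it compared a literal string
  # and was always true.
  if [ -n "$HS_TCP_PORTS" ]; then
    for port in $HS_TCP_PORTS; do   # unquoted on purpose: split the list
      ipt_in -p tcp -m tcp --dport "$port" --dst "$ADDR" -j ACCEPT
    done
  fi

  # Accept DHCP broadcasts (UDP ports 67-68) and DNS (UDP 53) to $ADDR.
  ipt_in -p udp -d 255.255.255.255 --destination-port 67:68 -j ACCEPT
  ipt_in -p udp --dst "$ADDR" --dport 53 -j ACCEPT

  # Drop everything else arriving on $IF. These rules are appended (-A), so
  # any rule already present in INPUT is evaluated before them.
  ipt -A INPUT -i "$IF" --dst "$ADDR" -j DROP
  ipt -A INPUT -i "$IF" -j DROP

  # FORWARD rules are inserted (-I) at the head of the chain, so the rule
  # inserted last is evaluated first: the ACCEPT rules for $IF end up ahead of
  # the DROP rules for traffic forwarded directly through $DHCPIF.
  ipt -I FORWARD -i "$DHCPIF" -j DROP
  ipt -I FORWARD -o "$DHCPIF" -j DROP
  ipt -I FORWARD -i "$IF" -j ACCEPT
  ipt -I FORWARD -o "$IF" -j ACCEPT

  # Unless LAN access is enabled ("on" or "allow"), drop traffic from $IF that
  # would leave through any interface other than $HS_WANIF. Inserted last, so
  # it is evaluated before the ACCEPT rules above.
  # NOTE(review): with HS_WANIF empty the rule is malformed; iptables would
  # presumably reject it and the restriction would be missing - confirm that
  # HS_WANIF is always set. "-o ! IF" is also the older negation syntax;
  # current iptables prefers "! -o IF".
  if [ "$HS_LAN_ACCESS" != "on" ] && [ "$HS_LAN_ACCESS" != "allow" ]; then
    ipt -I FORWARD -i "$IF" -o \! "$HS_WANIF" -j DROP
  fi

  # Optionally redirect every DNS query (UDP 53) arriving on $IF to $ADDR.
  if [ "$HS_LOCAL_DNS" = "on" ]; then
    ipt -I PREROUTING -t nat -i "$IF" -p udp --dport 53 -j DNAT --to-destination "$ADDR"
  fi
fi

# Optional site-specific hook, sourced into this shell when present.
# Kept as a "test && ." list so the script's final exit status is unchanged.
[ -e @ETCCHILLI@/ipup.sh ] && . @ETCCHILLI@/ipup.sh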