
firestarter-1.0.3-23.mga5.x86_64.rpm

#!/bin/sh
#
# Startup script for the Firestarter Application Suite
#
# chkconfig: - 12 92
#
# description: Automates the startup of Firestarter's generated ruleset
#
# Script Author:	Paul Drain <pd@cipherfunk.org>
#   -- a hack taken from the default RH ipchains startup script
#
# config: /etc/firestarter/firewall.sh
#
### BEGIN INIT INFO
# Provides: firestarter
# Required-Start: $local_fs $remote_fs $syslog
# Should-Start: $time $named
# Default-Start: 3 4 5
# Short-Description: Firestarter Firewall
# Description: Firestarter Firewall
### END INIT INFO

# Source function library.
. /etc/init.d/functions

# Get config.
. /etc/sysconfig/network

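# Check that networking is up.
# The expansion is quoted so that an unset or empty NETWORKING makes the test
# evaluate to false instead of collapsing to `[ = no ]`, which is a syntax
# error that prints a spurious message at boot.
if [ "${NETWORKING}" = "no" ]
then
	exit 0
fi

# Nothing to do when Firestarter itself is not installed.
[ -x /usr/bin/firestarter ] || exit 0

# Exit quietly when the running kernel reports a 2.2.x release.
# NOTE(review): presumably because those kernels use ipchains, not iptables.
[ "$(uname -r | cut -c1-3)" = "2.2" ] && exit 0

# Generated ruleset. start() executes this file as a program, with the
# privileges of whoever runs this init script (normally root at boot).
# NOTE(review): the file should be owned by root and not writable by group or
# other; anyone able to edit it controls both the firewall policy and code
# run at boot. Confirm the package installs it with those permissions.
FS_CONFIG="/etc/firestarter/firewall.sh"
RETVAL=0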

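# Apply the generated Firestarter ruleset.
# Globals:  FS_CONFIG (read), RETVAL (written)
# Returns:  0 when the ruleset script succeeded or no ruleset file exists,
#           otherwise the exit status of the ruleset script.
start() {
	# make sure that iptables matches the kernel
	if [ -f /etc/init.d/iptables ]; then
		service iptables check
	fi

	RETVAL=0
	# NOTE(review): a missing ruleset file is treated as success, so the host
	# keeps whatever rules and policies are already loaded and nothing is
	# logged. Consider reporting this case.
	if [ -f "$FS_CONFIG" ]; then
		# Clear the existing rulesets out, so we don't run into any duplicates.
		# From here until the ruleset script finishes the filter chains are
		# empty and only the chain policies (untouched by -F/-X/-Z) apply.
		action "Flushing all current rules and user defined chains:" iptables -F
		action "Clearing all current rules and user defined chains:" iptables -X
		action "Zeroing all current rules:" iptables -Z

		gprintf "Applying Firestarter configuration: "
		"$FS_CONFIG"
		RETVAL=$?

		# Report the real outcome of the ruleset script. Previously success was
		# printed unconditionally, hiding a firewall that failed to load after
		# the old rules had already been flushed.
		if [ "$RETVAL" -eq 0 ]; then
			success "Applying Firestarter configuration"
			echo
			# Only mark the service as running when the rules are in place.
			touch /var/lock/subsys/firestarter
		else
			failure "Applying Firestarter configuration"
			echo
		fi
	fi
	return $RETVAL
}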

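# Remove the Firestarter ruleset and reset the built-in chains to ACCEPT.
# Globals:  RETVAL (written)
# Returns:  0 when all three policies were reset, otherwise the status of the
#           last iptables -P call that failed.
#
# After a successful stop the filter table has no rules and an ACCEPT policy,
# i.e. the host is unfiltered. Only the default (filter) table of iptables is
# touched here; other tables and IPv6 rules are not handled by this function.
stop() {
	action "Flushing all current rules and user defined chains:" iptables -F
	action "Clearing all current rules and user defined chains:" iptables -X
	action "Zeroing all current rules:" iptables -Z

	gprintf "Resetting built-in chains to the default ACCEPT policy:"
	# Track the status of the policy changes themselves. Previously RETVAL
	# was taken from success/failure, so a failed iptables call was reported
	# as success and the lock file was removed anyway.
	RETVAL=0
	iptables -P INPUT ACCEPT || RETVAL=$?
	iptables -P FORWARD ACCEPT || RETVAL=$?
	iptables -P OUTPUT ACCEPT || RETVAL=$?
	if [ "$RETVAL" -eq 0 ]; then
		success "Resetting built-in chains to the default ACCEPT policy"
	else
		failure "Resetting built-in chains to the default ACCEPT policy"
	fi
	echo
	[ "$RETVAL" -eq 0 ] && rm -f /var/lock/subsys/firestarter
	return $RETVAL
}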

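# Block all traffic: set the built-in chain policies to DROP, then remove
# every rule so that nothing can override the policy.
# Globals:  RETVAL (written)
# Returns:  0 when the policies were set and the counters were zeroed,
#           non-zero otherwise.
panic() {
	# The user-visible text still says DENY (the ipchains name, kept so the
	# gprintf message lookup is unchanged). iptables has no DENY policy; the
	# equivalent is DROP. With DENY the three -P calls were rejected and the
	# flush below then removed every rule while leaving the old policies in
	# place, which could leave the host open instead of closed.
	gprintf "Changing target policies to DENY: "
	RETVAL=0
	iptables -P INPUT DROP || RETVAL=$?
	iptables -P FORWARD DROP || RETVAL=$?
	iptables -P OUTPUT DROP || RETVAL=$?
	if [ "$RETVAL" -ne 0 ]; then
		failure "Changing target policies to DENY"
		echo
		# Fail closed: without DROP policies in place, flushing the rules
		# would remove the only filtering left, so keep the current ruleset.
		return $RETVAL
	fi
	success "Changing target policies to DENY"
	echo
	action "Flushing all current rules and user defined chains:" iptables -F
	action "Clearing all current rules and user defined chains:" iptables -X
	action "Zeroing all current rules:" iptables -Z
	RETVAL=$?
	echo
	[ "$RETVAL" -eq 0 ] && rm -f /var/lock/subsys/firestarter
	return $RETVAL
}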

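# See how we were called.
# The script's exit status is RETVAL, which each arm below sets or leaves at
# its initial value.
case "$1" in
  start)
	# Propagate a failure from start() even if it did not record it in RETVAL.
	start || RETVAL=$?
	;;
  stop)
	stop
	;;
  status)
	# Numeric listing of the default (filter) table. The status is captured
	# so a failed listing (e.g. insufficient privileges) is not reported as 0.
	iptables -nL
	RETVAL=$?
	;;
  restart|reload)
	# "restart" is really just "start" as this isn't a daemon,
	#  and "start" clears any pre-defined rules anyway.
	#  This is really only here to make those who expect it happy
	start || RETVAL=$?
	;;
  panic)
	panic
	;;
  *)
	gprintf "Usage: firestarter {start|stop|status|restart|reload|panic}\n"
	exit 1
	;;
esac
exit "$RETVAL"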