[Debian-live-changes] r2070 - in dists/trunk/live-sysvinit: debian scripts

daniel at alioth.debian.org daniel at alioth.debian.org
Wed Jun 13 12:02:54 UTC 2007


Author: daniel
Date: 2007-06-13 12:02:54 +0000 (Wed, 13 Jun 2007)
New Revision: 2070

Added:
   dists/trunk/live-sysvinit/scripts/iptables
Modified:
   dists/trunk/live-sysvinit/debian/rules
Log:


Modified: dists/trunk/live-sysvinit/debian/rules
===================================================================
--- dists/trunk/live-sysvinit/debian/rules	2007-06-13 09:40:38 UTC (rev 2069)
+++ dists/trunk/live-sysvinit/debian/rules	2007-06-13 12:02:54 UTC (rev 2070)
@@ -38,6 +38,7 @@
 	dh_installdocs
 	dh_install
 	dh_installinit --name apt-upgrade --onlyscripts --no-restart-on-upgrade --no-start -- start 99 2 6 .
+	dh_installinit --name iptables --onlyscripts --no-restart-on-upgrade --no-start -- start 99 2 6 .
 	dh_compress
 	dh_fixperms
 	dh_installdeb

Added: dists/trunk/live-sysvinit/scripts/iptables
===================================================================
--- dists/trunk/live-sysvinit/scripts/iptables	                        (rev 0)
+++ dists/trunk/live-sysvinit/scripts/iptables	2007-06-13 12:02:54 UTC (rev 2070)
@@ -0,0 +1,20 @@
+#!/bin/sh
+
+set -e
+
+grep -qs boot=live /proc/cmdline || exit 0
+grep -qs iptables /proc/cmdline || exit 0
+
+case "${1}" in
+	start)
+		echo 1 > /proc/sys/net/ipv4/ip_forward
+
+		iptables -N block
+
+		iptables -A block -m state --state ESTABLISHED,RELATED -j ACCEPT
+		iptables -A block -m state --state NEW -i ! eth0 -j ACCEPT
+		iptables -A block -j DROP
+		iptables -A INPUT -j block
+		iptables -A FORWARD -j block
+		;;
+esac


Property changes on: dists/trunk/live-sysvinit/scripts/iptables
___________________________________________________________________
Name: svn:executable
   + *




More information about the Debian-live-changes mailing list