[Debian-live-changes] r2070 - in dists/trunk/live-sysvinit: debian scripts
daniel at alioth.debian.org
daniel at alioth.debian.org
Wed Jun 13 12:02:54 UTC 2007
Author: daniel
Date: 2007-06-13 12:02:54 +0000 (Wed, 13 Jun 2007)
New Revision: 2070
Added:
dists/trunk/live-sysvinit/scripts/iptables
Modified:
dists/trunk/live-sysvinit/debian/rules
Log:
Modified: dists/trunk/live-sysvinit/debian/rules
===================================================================
--- dists/trunk/live-sysvinit/debian/rules 2007-06-13 09:40:38 UTC (rev 2069)
+++ dists/trunk/live-sysvinit/debian/rules 2007-06-13 12:02:54 UTC (rev 2070)
@@ -38,6 +38,7 @@
dh_installdocs
dh_install
dh_installinit --name apt-upgrade --onlyscripts --no-restart-on-upgrade --no-start -- start 99 2 6 .
+ dh_installinit --name iptables --onlyscripts --no-restart-on-upgrade --no-start -- start 99 2 6 .
dh_compress
dh_fixperms
dh_installdeb
Added: dists/trunk/live-sysvinit/scripts/iptables
===================================================================
--- dists/trunk/live-sysvinit/scripts/iptables (rev 0)
+++ dists/trunk/live-sysvinit/scripts/iptables 2007-06-13 12:02:54 UTC (rev 2070)
@@ -0,0 +1,20 @@
+#!/bin/sh
+
+set -e
+
+grep -qs boot=live /proc/cmdline || exit 0
+grep -qs iptables /proc/cmdline || exit 0
+
+case "${1}" in
+ start)
+ echo 1 > /proc/sys/net/ipv4/ip_forward
+
+ iptables -N block
+
+ iptables -A block -m state --state ESTABLISHED,RELATED -j ACCEPT
+ iptables -A block -m state --state NEW -i ! eth0 -j ACCEPT
+ iptables -A block -j DROP
+ iptables -A INPUT -j block
+ iptables -A FORWARD -j block
+ ;;
+esac
Property changes on: dists/trunk/live-sysvinit/scripts/iptables
___________________________________________________________________
Name: svn:executable
+ *
More information about the Debian-live-changes
mailing list