Raspi2-3_GenImage Files · bootstrap.d/21-firewall.sh · Collaboration Tremplin des Sciences

Preconfigure Wifi...

Preconfigure Wifi Added Options to add ssid and psk Added Options to configure static and dhcp wlan0 Added wpasupplicant to wifi requirements Updated README rename config files to new interface names, if ENABLE_IFNAMES=true Added default metric and IPV6 PrivacyExtensions

Unknown - - Load All Authors

Fichier de la dernière révision:

r569:c84998d2e8c2


                r698:1d5e72bc7aa0

Download file

             21-firewall.sh
        
                    54 lines
            
             | 1.9 KiB
            
                | application/x-sh
            
             |
                BashLexer
            
             / bootstrap.d / 21-firewall.sh
          
                    Historique
                
                 |
                  Source
                 | Brut
                 |Copy content
                 |Copy permalink

        Filip Pytloun
    
Refactor: split bootstrap actions and allow custom

              r56
            
      #

        Jan Wagner
    
spliting more files, fix-uboot, fix-fbturbo, fix-locale

              r67
            
      # Setup Firewall

        Filip Pytloun
    
Refactor: split bootstrap actions and allow custom

              r56
            
      #

        Jan Wagner
    
spliting more files, fix-uboot, fix-fbturbo, fix-locale

              r67
            
      # Load utility functions

        Filip Pytloun
    
Refactor: split bootstrap actions and allow custom

              r56
            
      . ./functions.sh

      if [ "$ENABLE_IPTABLES" = true ] ; then

        # Create iptables configuration directory

        drtyhlpr
    
Added Raspberry Pi 3 model support

              r94
            
        mkdir -p "${ETC_DIR}/iptables"

        Unknown
    
iptables fix...

              r279
            
        Unknown
    
kernel features + nexmon monitor mode wlan patch(kali-kernel) with RPI3,RPI3B+ firmware patch...

              r502
            
        if [ "$KERNEL_NF" = false ] ; then

        Unknown
    
formating and dropbear fix for static ip

              r569
            
          # iptables-save and -restore are slaves of iptables and thus are set accordingly

        Unknown
    
kernel features + nexmon monitor mode wlan patch(kali-kernel) with RPI3,RPI3B+ firmware patch...

              r502
            
          chroot_exec update-alternatives --verbose --set iptables /usr/sbin/iptables-legacy    

        fi

        Unknown
    
iptables fix...

              r279
            
        Jan Wagner
    
comment-cleanup, net-cleanup, size-calc-fix, split-more, menuconfig

              r71
            
        # Install iptables systemd service

        drtyhlpr
    
Added Raspberry Pi 3 model support

              r94
            
        install_readonly files/iptables/iptables.service "${ETC_DIR}/systemd/system/iptables.service"

        Filip Pytloun
    
Refactor: split bootstrap actions and allow custom

              r56
            
        Jan Wagner
    
comment-cleanup, net-cleanup, size-calc-fix, split-more, menuconfig

              r71
            
        # Install flush-table script called by iptables service

        drtyhlpr
    
Added Raspberry Pi 3 model support

              r94
            
        install_exec files/iptables/flush-iptables.sh "${ETC_DIR}/iptables/flush-iptables.sh"

        Filip Pytloun
    
Refactor: split bootstrap actions and allow custom

              r56
            
        Jan Wagner
    
comment-cleanup, net-cleanup, size-calc-fix, split-more, menuconfig

              r71
            
        # Install iptables rule file

        drtyhlpr
    
Added Raspberry Pi 3 model support

              r94
            
        install_readonly files/iptables/iptables.rules "${ETC_DIR}/iptables/iptables.rules"

        Filip Pytloun
    
Refactor: split bootstrap actions and allow custom

              r56
            
        # Reload systemd configuration and enable iptables service

        chroot_exec systemctl daemon-reload

        chroot_exec systemctl enable iptables.service

        if [ "$ENABLE_IPV6" = true ] ; then

        Unknown
    
kernel features + nexmon monitor mode wlan patch(kali-kernel) with RPI3,RPI3B+ firmware patch...

              r502
            
          if [ "$KERNEL_NF" = false ] ; then

        Unknown
    
formating and dropbear fix for static ip

              r569
            
            # iptables-save and -restore are slaves of iptables and thus are set accordingly

        drtyhlpr
    
Merge branch 'testing' into dropbear

              r530
            
            chroot_exec update-alternatives --verbose --set ip6tables /usr/sbin/ip6tables-legacy 

        Unknown
    
formating and dropbear fix for static ip

              r569
            
      	fi

        Jan Wagner
    
comment-cleanup, net-cleanup, size-calc-fix, split-more, menuconfig

              r71
            
          # Install ip6tables systemd service

        drtyhlpr
    
Added Raspberry Pi 3 model support

              r94
            
          install_readonly files/iptables/ip6tables.service "${ETC_DIR}/systemd/system/ip6tables.service"

        Filip Pytloun
    
Refactor: split bootstrap actions and allow custom

              r56
            
        Jan Wagner
    
comment-cleanup, net-cleanup, size-calc-fix, split-more, menuconfig

              r71
            
          # Install ip6tables file

        drtyhlpr
    
Added Raspberry Pi 3 model support

              r94
            
          install_exec files/iptables/flush-ip6tables.sh "${ETC_DIR}/iptables/flush-ip6tables.sh"

        Filip Pytloun
    
Refactor: split bootstrap actions and allow custom

              r56
            
        drtyhlpr
    
Added Raspberry Pi 3 model support

              r94
            
          install_readonly files/iptables/ip6tables.rules "${ETC_DIR}/iptables/ip6tables.rules"

        Filip Pytloun
    
Refactor: split bootstrap actions and allow custom

              r56
            
          # Reload systemd configuration and enable iptables service

          chroot_exec systemctl daemon-reload

          chroot_exec systemctl enable ip6tables.service

        fi

        drtyhlpr
    
fast fix for issues/128...

              r240
            
        if [ "$ENABLE_SSHD" = false ] ; then

         # Remove SSHD related iptables rules

         sed -i "/^#/! {/SSH/ s/^/# /}" "${ETC_DIR}/iptables/iptables.rules" 2> /dev/null

         sed -i "/^#/! {/SSH/ s/^/# /}" "${ETC_DIR}/iptables/ip6tables.rules" 2> /dev/null

        fi

        Filip Pytloun
    
Refactor: split bootstrap actions and allow custom

              r56
            
      fi

	Site-wide shortcuts
/	Use quick search box
g h	Goto home page
g g	Goto my private gists page
g G	Goto my public gists page
g 0-9	Goto bookmarked items from 0-9
n r	New repository page
n g	New gist page

	Dépôts
g s	Goto summary page
g c	Goto changelog page
g f	Goto files page
g F	Goto files page with file search activated
g p	Goto pull requests page
g o	Goto repository settings
g O	Goto repository access permissions settings
t s	Toggle sidebar on some pages

Filip Pytloun Refactor: split bootstrap actions and allow custom	r56	#
Jan Wagner spliting more files, fix-uboot, fix-fbturbo, fix-locale	r67	# Setup Firewall
Filip Pytloun Refactor: split bootstrap actions and allow custom	r56	#

Jan Wagner spliting more files, fix-uboot, fix-fbturbo, fix-locale	r67	# Load utility functions
Filip Pytloun Refactor: split bootstrap actions and allow custom	r56	. ./functions.sh

		if [ "$ENABLE_IPTABLES" = true ] ; then
		# Create iptables configuration directory
drtyhlpr Added Raspberry Pi 3 model support	r94	mkdir -p "${ETC_DIR}/iptables"
Unknown iptables fix...	r279
Unknown kernel features + nexmon monitor mode wlan patch(kali-kernel) with RPI3,RPI3B+ firmware patch...	r502	if [ "$KERNEL_NF" = false ] ; then
Unknown formating and dropbear fix for static ip	r569	# iptables-save and -restore are slaves of iptables and thus are set accordingly
Unknown kernel features + nexmon monitor mode wlan patch(kali-kernel) with RPI3,RPI3B+ firmware patch...	r502	chroot_exec update-alternatives --verbose --set iptables /usr/sbin/iptables-legacy
		fi
Unknown iptables fix...	r279
Jan Wagner comment-cleanup, net-cleanup, size-calc-fix, split-more, menuconfig	r71	# Install iptables systemd service
drtyhlpr Added Raspberry Pi 3 model support	r94	install_readonly files/iptables/iptables.service "${ETC_DIR}/systemd/system/iptables.service"
Filip Pytloun Refactor: split bootstrap actions and allow custom	r56
Jan Wagner comment-cleanup, net-cleanup, size-calc-fix, split-more, menuconfig	r71	# Install flush-table script called by iptables service
drtyhlpr Added Raspberry Pi 3 model support	r94	install_exec files/iptables/flush-iptables.sh "${ETC_DIR}/iptables/flush-iptables.sh"
Filip Pytloun Refactor: split bootstrap actions and allow custom	r56
Jan Wagner comment-cleanup, net-cleanup, size-calc-fix, split-more, menuconfig	r71	# Install iptables rule file
drtyhlpr Added Raspberry Pi 3 model support	r94	install_readonly files/iptables/iptables.rules "${ETC_DIR}/iptables/iptables.rules"
Filip Pytloun Refactor: split bootstrap actions and allow custom	r56
		# Reload systemd configuration and enable iptables service
		chroot_exec systemctl daemon-reload
		chroot_exec systemctl enable iptables.service

		if [ "$ENABLE_IPV6" = true ] ; then
Unknown kernel features + nexmon monitor mode wlan patch(kali-kernel) with RPI3,RPI3B+ firmware patch...	r502	if [ "$KERNEL_NF" = false ] ; then
Unknown formating and dropbear fix for static ip	r569	# iptables-save and -restore are slaves of iptables and thus are set accordingly
drtyhlpr Merge branch 'testing' into dropbear	r530	chroot_exec update-alternatives --verbose --set ip6tables /usr/sbin/ip6tables-legacy
Unknown formating and dropbear fix for static ip	r569	fi

Jan Wagner comment-cleanup, net-cleanup, size-calc-fix, split-more, menuconfig	r71	# Install ip6tables systemd service
drtyhlpr Added Raspberry Pi 3 model support	r94	install_readonly files/iptables/ip6tables.service "${ETC_DIR}/systemd/system/ip6tables.service"
Filip Pytloun Refactor: split bootstrap actions and allow custom	r56
Jan Wagner comment-cleanup, net-cleanup, size-calc-fix, split-more, menuconfig	r71	# Install ip6tables file
drtyhlpr Added Raspberry Pi 3 model support	r94	install_exec files/iptables/flush-ip6tables.sh "${ETC_DIR}/iptables/flush-ip6tables.sh"
Filip Pytloun Refactor: split bootstrap actions and allow custom	r56
drtyhlpr Added Raspberry Pi 3 model support	r94	install_readonly files/iptables/ip6tables.rules "${ETC_DIR}/iptables/ip6tables.rules"
Filip Pytloun Refactor: split bootstrap actions and allow custom	r56
		# Reload systemd configuration and enable iptables service
		chroot_exec systemctl daemon-reload
		chroot_exec systemctl enable ip6tables.service
		fi
drtyhlpr fast fix for issues/128...	r240
		if [ "$ENABLE_SSHD" = false ] ; then
		# Remove SSHD related iptables rules
		sed -i "/^#/! {/SSH/ s/^/# /}" "${ETC_DIR}/iptables/iptables.rules" 2> /dev/null
		sed -i "/^#/! {/SSH/ s/^/# /}" "${ETC_DIR}/iptables/ip6tables.rules" 2> /dev/null
		fi
Filip Pytloun Refactor: split bootstrap actions and allow custom	r56	fi