Raspi2-3_GenImage Commit - r319:de6ff405b16b · Collaboration Tremplin des Sciences

error

Unknown -

r319:de6ff405b16b

parent child

Context file:

r319:de6ff405b16b

Collapse all files

bootstrap.d/21-firewall.sh 0 -5

              #!/bin/bash
              #
              # Setup Firewall
              #
              # Load utility functions
              . ./functions.sh
              if [ "$ENABLE_IPTABLES" = true ] ; then
                # Create iptables configuration directory
                mkdir -p "${ETC_DIR}/iptables"
                if ! [ "$RELEASE" = jessie ] ; then
-               	#setting slaves
-             	#chroot_exec update-alternatives --verbose --install /usr/sbin/iptables iptables /usr/sbin/iptables-legacy 1 \
-             	--slave /usr/sbin/iptables-save iptables-save /usr/sbin/iptables-legacy-save \
-                 --slave /usr/sbin/iptables-restore iptables-restore /usr/sbin/iptables-legacy-restore
-                 # make sure iptables-legacy,iptables-legacy-restore and iptables-legacy-save are the used alternatives
-             	chroot_exec update-alternatives --verbose --set iptables /usr/sbin/iptables-legacy
                fi
                # Install iptables systemd service
                install_readonly files/iptables/iptables.service "${ETC_DIR}/systemd/system/iptables.service"
                # Install flush-table script called by iptables service
                install_exec files/iptables/flush-iptables.sh "${ETC_DIR}/iptables/flush-iptables.sh"
                # Install iptables rule file
                install_readonly files/iptables/iptables.rules "${ETC_DIR}/iptables/iptables.rules"
                # Reload systemd configuration and enable iptables service
                chroot_exec systemctl daemon-reload
                chroot_exec systemctl enable iptables.service
                if [ "$ENABLE_IPV6" = true ] ; then
                  # Install ip6tables systemd service
                  install_readonly files/iptables/ip6tables.service "${ETC_DIR}/systemd/system/ip6tables.service"
                  # Install ip6tables file
                  install_exec files/iptables/flush-ip6tables.sh "${ETC_DIR}/iptables/flush-ip6tables.sh"
                  install_readonly files/iptables/ip6tables.rules "${ETC_DIR}/iptables/ip6tables.rules"
                  # Reload systemd configuration and enable iptables service
                  chroot_exec systemctl daemon-reload
                  chroot_exec systemctl enable ip6tables.service
                fi
                if [ "$ENABLE_SSHD" = false ] ; then
                 # Remove SSHD related iptables rules
                 sed -i "/^#/! {/SSH/ s/^/# /}" "${ETC_DIR}/iptables/iptables.rules" 2> /dev/null
                 sed -i "/^#/! {/SSH/ s/^/# /}" "${ETC_DIR}/iptables/ip6tables.rules" 2> /dev/null
                fi
              fi

General Comments 0

Écrire
Preview

Vous devez vous connecter pour laisser un commentaire. Se connecter maintenant

No TODOs yet

	Site-wide shortcuts
/	Use quick search box
g h	Goto home page
g g	Goto my private gists page
g G	Goto my public gists page
g 0-9	Goto bookmarked items from 0-9
n r	New repository page
n g	New gist page

	Dépôts
g s	Goto summary page
g c	Goto changelog page
g f	Goto files page
g F	Goto files page with file search activated
g p	Goto pull requests page
g o	Goto repository settings
g O	Goto repository access permissions settings
t s	Toggle sidebar on some pages