firewall/ipt-gateway
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Add Comment for special local network rules as local_net_to_local_ip

Browse Source
This commit is contained in:
Christoph 2017-04-07 22:12:50 +02:00
parent c21758eb14
commit 636f55f3a5
2 changed files with 47 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

24
ip6t-firewall-gateway
View File

@ -817,6 +817,10 @@ fi
# --- # ---
echononl "\tAllow local services from given local networks" echononl "\tAllow local services from given local networks"
# - !! Note:
# - does NOT depend on settings 'permit_between_local_networks' !!
# -
if [[ ${#allow_local_net_to_local_service_arr[@]} -gt 0 ]] \ if [[ ${#allow_local_net_to_local_service_arr[@]} -gt 0 ]] \
&& $kernel_forward_between_interfaces ; then && $kernel_forward_between_interfaces ; then
@ -849,6 +853,9 @@ fi
echononl "\tAllow all traffic from local network to local ip-address" echononl "\tAllow all traffic from local network to local ip-address"
# - !! Note:
# - does NOT depend on settings 'permit_between_local_networks' !!
# -
if [[ ${#allow_local_net_to_local_ip_arr[@]} -gt 0 ]] \ if [[ ${#allow_local_net_to_local_ip_arr[@]} -gt 0 ]] \
&& $kernel_forward_between_interfaces ; then && $kernel_forward_between_interfaces ; then
@ -878,6 +885,9 @@ fi
echononl "\tAllow all traffic from local ip-address to local network" echononl "\tAllow all traffic from local ip-address to local network"
# - !! Note:
# - does NOT depend on settings 'permit_between_local_networks' !!
# -
if [[ ${#allow_local_ip_to_local_net_arr[@]} -gt 0 ]] \ if [[ ${#allow_local_ip_to_local_net_arr[@]} -gt 0 ]] \
&& $kernel_forward_between_interfaces ; then && $kernel_forward_between_interfaces ; then
@ -907,6 +917,9 @@ fi
echononl "\tAllow all traffic from local network to (another) local network" echononl "\tAllow all traffic from local network to (another) local network"
# - !! Note:
# - does NOT depend on settings 'permit_between_local_networks' !!
# -
if [[ ${#allow_local_net_to_local_net_arr[@]} -gt 0 ]] \ if [[ ${#allow_local_net_to_local_net_arr[@]} -gt 0 ]] \
&& $kernel_forward_between_interfaces ; then && $kernel_forward_between_interfaces ; then
@ -936,6 +949,9 @@ fi
echononl "\tAllow local ip address from given local interface" echononl "\tAllow local ip address from given local interface"
# - !! Note:
# - does NOT depend on settings 'permit_between_local_networks' !!
# -
if [[ ${#allow_local_if_to_local_ip_arr[@]} -gt 0 ]] \ if [[ ${#allow_local_if_to_local_ip_arr[@]} -gt 0 ]] \
&& $kernel_forward_between_interfaces ; then && $kernel_forward_between_interfaces ; then
@ -964,6 +980,10 @@ fi
# --- # ---
echononl "\tSeparate local networks.." echononl "\tSeparate local networks.."
# - !! Note:
# - does NOT depend on settings 'permit_between_local_networks' !!
# -
if [[ ${#separate_local_network_arr[@]} -gt 0 ]] && $kernel_forward_between_interfaces ; then if [[ ${#separate_local_network_arr[@]} -gt 0 ]] && $kernel_forward_between_interfaces ; then
for _net in ${separate_local_network_arr[@]}; do for _net in ${separate_local_network_arr[@]}; do
for _dev in ${local_if_arr[@]} ; do for _dev in ${local_if_arr[@]} ; do
@ -982,6 +1002,10 @@ fi
# --- # ---
echononl "\tSeparate local interfaces.." echononl "\tSeparate local interfaces.."
# - !! Note:
# - does NOT depend on settings 'permit_between_local_networks' !!
# -
if [[ ${#separate_local_if_arr[@]} -gt 0 ]] && $kernel_forward_between_interfaces ; then if [[ ${#separate_local_if_arr[@]} -gt 0 ]] && $kernel_forward_between_interfaces ; then
for _dev_1 in ${separate_local_if_arr[@]}; do for _dev_1 in ${separate_local_if_arr[@]}; do
for _dev_2 in ${local_if_arr[@]} ; do for _dev_2 in ${local_if_arr[@]} ; do

23
ipt-firewall-gateway
View File

@ -1163,6 +1163,9 @@ fi
# - Allow local services from given local networks # - Allow local services from given local networks
# --- # ---
# - !! Note:
# - does NOT depend on settings 'permit_between_local_networks' !!
# -
echononl "\tAllow local services from given local networks" echononl "\tAllow local services from given local networks"
if [[ ${#allow_local_net_to_local_service_arr[@]} -gt 0 ]] \ if [[ ${#allow_local_net_to_local_service_arr[@]} -gt 0 ]] \
&& $kernel_activate_forwarding ; then && $kernel_activate_forwarding ; then
@ -1196,6 +1199,9 @@ fi
echononl "\tAllow all traffic from local network to local ip-address" echononl "\tAllow all traffic from local network to local ip-address"
# - !! Note:
# - does NOT depend on settings 'permit_between_local_networks' !!
# -
if [[ ${#allow_local_net_to_local_ip_arr[@]} -gt 0 ]] \ if [[ ${#allow_local_net_to_local_ip_arr[@]} -gt 0 ]] \
&& $kernel_activate_forwarding ; then && $kernel_activate_forwarding ; then
@ -1225,6 +1231,9 @@ fi
echononl "\tAllow all traffic from local ip-address to local network" echononl "\tAllow all traffic from local ip-address to local network"
# - !! Note:
# - does NOT depend on settings 'permit_between_local_networks' !!
# -
if [[ ${#allow_local_ip_to_local_net_arr[@]} -gt 0 ]] \ if [[ ${#allow_local_ip_to_local_net_arr[@]} -gt 0 ]] \
&& $kernel_activate_forwarding ; then && $kernel_activate_forwarding ; then
@ -1252,6 +1261,9 @@ fi
# - Allow all traffic from (one) local network to (another) local network # - Allow all traffic from (one) local network to (another) local network
# --- # ---
# - !! Note:
# - does NOT depend on settings 'permit_between_local_networks' !!
# -
echononl "\tAllow all traffic from local network to (another) local network" echononl "\tAllow all traffic from local network to (another) local network"
if [[ ${#allow_local_net_to_local_net_arr[@]} -gt 0 ]] \ if [[ ${#allow_local_net_to_local_net_arr[@]} -gt 0 ]] \
@ -1281,6 +1293,9 @@ fi
# - Allow local ip address from given local interface # - Allow local ip address from given local interface
# --- # ---
# - !! Note:
# - does NOT depend on settings 'permit_between_local_networks' !!
# -
echononl "\tAllow local ip address from given local interface" echononl "\tAllow local ip address from given local interface"
if [[ ${#allow_local_if_to_local_ip_arr[@]} -gt 0 ]] \ if [[ ${#allow_local_if_to_local_ip_arr[@]} -gt 0 ]] \
@ -1310,7 +1325,11 @@ fi
# - Separate local networks # - Separate local networks
# --- # ---
# - !! Note:
# - does NOT depend on settings 'permit_between_local_networks' !!
# -
echononl "\tSeparate local networks.." echononl "\tSeparate local networks.."
if [[ ${#separate_local_network_arr[@]} -gt 0 ]] && $kernel_activate_forwarding ; then if [[ ${#separate_local_network_arr[@]} -gt 0 ]] && $kernel_activate_forwarding ; then
for _net in ${separate_local_network_arr[@]}; do for _net in ${separate_local_network_arr[@]}; do
for _dev in ${local_if_arr[@]} ; do for _dev in ${local_if_arr[@]} ; do
@ -1328,7 +1347,11 @@ fi
# - Separate local interfaces # - Separate local interfaces
# --- # ---
# - !! Note:
# - does NOT depend on settings 'permit_between_local_networks' !!
# -
echononl "\tSeparate local interfaces.." echononl "\tSeparate local interfaces.."
if [[ ${#separate_local_if_arr[@]} -gt 0 ]] && $kernel_activate_forwarding ; then if [[ ${#separate_local_if_arr[@]} -gt 0 ]] && $kernel_activate_forwarding ; then
for _dev_1 in ${separate_local_if_arr[@]}; do for _dev_1 in ${separate_local_if_arr[@]}; do
for _dev_2 in ${local_if_arr[@]} ; do for _dev_2 in ${local_if_arr[@]} ; do