firewall/ipt-server
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

support Resolver for specified (local) network. Part 2

Browse Source
This commit is contained in:
Christoph 2019-09-01 20:59:38 +02:00
parent 8e85e893ad
commit 2665010eb3
2 changed files with 36 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

19
ip6t-firewall-server
View File

@ -1038,6 +1038,23 @@ else
fi fi
# ---
# - local Resolver"
# ---
echononl "\t\tlocal Resolver"
if [[ -n "$local_resolver_service" ]] && $local_resolver_service ; then
if [[ -z "$resolver_allowed_net" ]] ; then
echo_failed
else
$ip6t -A INPUT -p udp -s $resolver_allowed_net --dport $resolver_port -m conntrack --ctstate NEW -j ACCEPT
echo_done
fi
else
echo_skipped
fi
# --- # ---
# - SSH out only # - SSH out only
# --- # ---
@ -1690,7 +1707,7 @@ echo_done
# --- # ---
echononl "\t\tNTP local Service" echononl "\t\tNTP local Service"
if [[ -n $local_ntp_service ]] && $local_ntp_service ; then if [[ -n "$local_ntp_service" ]] && $local_ntp_service ; then
if [[ -z "$ntp_allowed_net" ]] ; then if [[ -z "$ntp_allowed_net" ]] ; then
echo_failed echo_failed
else else

19
ipt-firewall-server
View File

@ -1282,6 +1282,23 @@ else
fi fi
# ---
# - local Resolver"
# ---
echononl "\t\tlocal Resolver"
if [[ -n "$local_resolver_service" ]] && $local_resolver_service ; then
if [[ -z "$resolver_allowed_net" ]] ; then
echo_failed
else
$ipt -A INPUT -p udp -s $resolver_allowed_net --dport $resolver_port -m conntrack --ctstate NEW -j ACCEPT
echo_done
fi
else
echo_skipped
fi
# --- # ---
# - SSH out only # - SSH out only
# --- # ---
@ -1934,7 +1951,7 @@ echo_done
# --- # ---
echononl "\t\tNTP local Service" echononl "\t\tNTP local Service"
if [[ -n $local_ntp_service ]] && $local_ntp_service ; then if [[ -n "$local_ntp_service" ]] && $local_ntp_service ; then
if [[ -z "$ntp_allowed_net" ]] ; then if [[ -z "$ntp_allowed_net" ]] ; then
echo_failed echo_failed
else else