Fix error for not firewalled interfaces.
This commit is contained in:
parent
e7311a3963
commit
f0e15b992b
@ -40,7 +40,7 @@ drop_icmp=false
|
|||||||
# --- Allow all outgoing traffic
|
# --- Allow all outgoing traffic
|
||||||
# -------------
|
# -------------
|
||||||
|
|
||||||
# - unprotected_ifs
|
# - allow_all_outgoing_traffic
|
||||||
# -
|
# -
|
||||||
# - Posiible values are 'true' and 'false'
|
# - Posiible values are 'true' and 'false'
|
||||||
# -
|
# -
|
||||||
|
|||||||
@ -40,7 +40,7 @@ drop_icmp=false
|
|||||||
# --- Allow all outgoing traffic
|
# --- Allow all outgoing traffic
|
||||||
# -------------
|
# -------------
|
||||||
|
|
||||||
# - unprotected_ifs
|
# - allow_all_outgoing_traffic
|
||||||
# -
|
# -
|
||||||
# - Posiible values are 'true' and 'false'
|
# - Posiible values are 'true' and 'false'
|
||||||
# -
|
# -
|
||||||
|
|||||||
@ -372,10 +372,12 @@ if [[ ${#unprotected_if_arr[@]} -gt 0 ]]; then
|
|||||||
if $log_unprotected || $log_all ; then
|
if $log_unprotected || $log_all ; then
|
||||||
$ip6t -t mangle -A PREROUTING -i $_dev -j $LOG_TARGET $tag_log_prefix "$log_prefix Not firewalled ${_dev}: "
|
$ip6t -t mangle -A PREROUTING -i $_dev -j $LOG_TARGET $tag_log_prefix "$log_prefix Not firewalled ${_dev}: "
|
||||||
$ip6t -A OUTPUT -o $_dev -j $LOG_TARGET $tag_log_prefix "$log_prefix Not firewalled ${_dev}: "
|
$ip6t -A OUTPUT -o $_dev -j $LOG_TARGET $tag_log_prefix "$log_prefix Not firewalled ${_dev}: "
|
||||||
|
$ip6t -A INPUT -i $_dev -j $LOG_TARGET $tag_log_prefix "$log_prefix Not firewalled ${_dev}: "
|
||||||
$ip6t -A FORWARD -o $_dev -j $LOG_TARGET $tag_log_prefix "$log_prefix Not firewalled ${_dev}: "
|
$ip6t -A FORWARD -o $_dev -j $LOG_TARGET $tag_log_prefix "$log_prefix Not firewalled ${_dev}: "
|
||||||
fi
|
fi
|
||||||
$ip6t -t mangle -A PREROUTING -i $_dev -j ACCEPT
|
$ip6t -t mangle -A PREROUTING -i $_dev -j ACCEPT
|
||||||
$ip6t -A OUTPUT -o $_dev -j ACCEPT
|
$ip6t -A OUTPUT -o $_dev -j ACCEPT
|
||||||
|
$ip6t -A INPUT -i $_dev -j ACCEPT
|
||||||
$ip6t -A FORWARD -o $_dev -j ACCEPT
|
$ip6t -A FORWARD -o $_dev -j ACCEPT
|
||||||
done
|
done
|
||||||
echo_done
|
echo_done
|
||||||
|
|||||||
@ -432,10 +432,12 @@ if [[ ${#unprotected_if_arr[@]} -gt 0 ]]; then
|
|||||||
if $log_unprotected || $log_all ; then
|
if $log_unprotected || $log_all ; then
|
||||||
$ipt -t mangle -A PREROUTING -i $_dev -j $LOG_TARGET $tag_log_prefix "$log_prefix Not firewalled ${_dev}:"
|
$ipt -t mangle -A PREROUTING -i $_dev -j $LOG_TARGET $tag_log_prefix "$log_prefix Not firewalled ${_dev}:"
|
||||||
$ipt -A OUTPUT -o $_dev -j $LOG_TARGET $tag_log_prefix "$log_prefix Not firewalled ${_dev}:"
|
$ipt -A OUTPUT -o $_dev -j $LOG_TARGET $tag_log_prefix "$log_prefix Not firewalled ${_dev}:"
|
||||||
|
$ipt -A INPUT -i $_dev -j $LOG_TARGET $tag_log_prefix "$log_prefix Not firewalled ${_dev}:"
|
||||||
$ipt -A FORWARD -o $_dev -j $LOG_TARGET $tag_log_prefix "$log_prefix Not firewalled ${_dev}:"
|
$ipt -A FORWARD -o $_dev -j $LOG_TARGET $tag_log_prefix "$log_prefix Not firewalled ${_dev}:"
|
||||||
fi
|
fi
|
||||||
$ipt -t mangle -A PREROUTING -i $_dev -j ACCEPT
|
$ipt -t mangle -A PREROUTING -i $_dev -j ACCEPT
|
||||||
$ipt -A OUTPUT -o $_dev -j ACCEPT
|
$ipt -A OUTPUT -o $_dev -j ACCEPT
|
||||||
|
$ipt -A INPUT -i $_dev -j ACCEPT
|
||||||
$ipt -A FORWARD -o $_dev -j ACCEPT
|
$ipt -A FORWARD -o $_dev -j ACCEPT
|
||||||
done
|
done
|
||||||
echo_done
|
echo_done
|
||||||
@ -1267,12 +1269,6 @@ else
|
|||||||
echo_skipped
|
echo_skipped
|
||||||
fi
|
fi
|
||||||
|
|
||||||
# - unprotected_ifs
|
|
||||||
# -
|
|
||||||
# - Posiible values are 'true' and 'false'
|
|
||||||
# -
|
|
||||||
allow_all_outgoing_traffic=false
|
|
||||||
|
|
||||||
|
|
||||||
# ---
|
# ---
|
||||||
# - Don't allow traffic into private networks
|
# - Don't allow traffic into private networks
|
||||||
|
|||||||
Loading…
Reference in New Issue
Block a user