projects / firewall-squeep / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
streamlined more common functionality
[firewall-squeep] / firewall.sh
diff --git a/firewall.sh b/firewall.sh
index 34184eefcdaa2091b669dcca60a0c6e2cfda0697..4106807247651f4dfa3ae9fdbcf3dd93bd4aec66 100755 (executable)
--- a/firewall.sh
+++ b/firewall.sh
@@ -2,9 +2,7 @@
 
 set -e
 
-IPTABLES=$(which iptables)
-IP6TABLES=$(which ip6tables)
-IPSET=$(which ipset)
+. ./common.sh
 
 debug=0
 
@@ -73,8 +71,9 @@ do
        $IPTABLES -A INPUT -p tcp --tcp-flags ${flags} -j DROP
 done
 
-$IPSET -exist create allowed_udp bitmap:port range 0-65535
-$IPSET -exist create allowed_tcp bitmap:port range 0-65535
+create_set allowed_udp bitmap:port range 0-65535
+create_set allowed_tcp bitmap:port range 0-65535
+
 for p in 22 25 53 80 143 443 587 993 1194 5000 5222 5269 22556 64738
 do
        $IPSET -exist add allowed_tcp ${p}
squeep firewall skeleton - very basic initialization scripts for edge servers