xeno add

[firewall-squeep] / xenophobe.sh

diff --git a/xenophobe.sh b/xenophobe.sh
index 91d250a3eb3e6748ecd5075e750ed39a5c3c998c..b4470cacf396d3286b10f2ba7d6e49b8f61be905 100755 (executable)
--- a/xenophobe.sh
+++ b/xenophobe.sh
@@ -16,11 +16,11 @@ then
         exit 0
 fi
 
-create_set "${set_name}" hash:net
-create_set "${set_name}6" hash:net family inet6
+create_set "${set_name}" hash:net counters
+create_set "${set_name}6" hash:net counters family inet6
 
 # create or re-init chains
-if ! $IPTABLES -L "${chain}" >/dev/null
+if ! $IPTABLES -L "${chain}" >/dev/null 2>&1
 then
        echo "initializing chain '${chain}'"
        $IPTABLES -N "${chain}" || $IPTABLES -F "${chain}"
@@ -29,7 +29,7 @@ then
        $IPTABLES -v -L "${chain}"
 fi
 
-if ! $IP6TABLES -L "${chain}" >/dev/null
+if ! $IP6TABLES -L "${chain}" >/dev/null 2>&1
 then
        echo "initializing chain '${chain}' ipv6"
        $IP6TABLES -N "${chain}" || $IP6TABLES -F "${chain}"
@@ -40,5 +40,5 @@ fi
 
 insert_setmatch_rules "${set_name}" -j "${chain}"
 
-reload_cidr_sets "${set_name}"
+reload_cidr_sets "${set_name}" counters