firewall uses services
[firewall-squeep] / trusted.sh
1 #!/bin/sh
2
3 set -e
4
5 . ./common.sh
6
7 set_name='trusted'
8
9 if [ $# -eq 1 -a "x$1" = "xremove" ]
10 then
11 $IPTABLES -D INPUT -m set --match-set "${set_name}" src -j ACCEPT || echo "no rule '${set_name}' to remove"
12 $IP6TABLES -D INPUT -m set --match-set "${set_name}6" src -j ACCEPT || echo "no rule '${set_name}6' to remove"
13 $IPSET destroy "${set_name}" || echo "no set '${set_name}' to remove"
14 $IPSET destroy "${set_name}6" || echo "no set '${set_name}6' to remove"
15 exit 0
16 fi
17
18 create_set "${set_name}" hash:net
19 create_set "${set_name}6" hash:net family inet6
20
21 insert_setmatch_rules "${set_name}" -j ACCEPT
22
23 reload_cidr_sets "${set_name}"
24