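#!/bin/sh
# rapidfirewall, version 2.1.2
#
# Usage: rapidfirewall {see|share|flush}
#   see    list the filter and nat tables (read-only)
#   share  flush the rules, add MASQUERADE rules on both configured
#          interfaces, then enable IPv4 forwarding
#   flush  flush INPUT, OUTPUT, FORWARD and the nat POSTROUTING/PREROUTING
#          chains
#
# Reads CLIC_INTERFACE and EXTERNAL_INTERFACE from /etc/clusterserver.conf.
#
# Security notes:
#   * The configuration file is sourced, i.e. executed as shell code with the
#     privileges of the caller (normally root). It should be owned by root
#     and not writable by anyone else.
#   * IPv4 forwarding is switched on by "share" only. Listing or flushing
#     rules, or a mistyped argument, no longer turns the host into a router
#     as a side effect.
#   * "flush" only empties the chains; it neither sets chain policies nor
#     switches forwarding back off. What the host accepts or forwards
#     afterwards depends on the policies already in place.

# Source function library (provides action and gprintf).
. /etc/rc.d/init.d/functions

CONFFILE="/etc/clusterserver.conf"
if [ ! -f "${CONFFILE}" ]; then
  echo "Cant find ${CONFFILE} !" >&2
  exit 1
fi
. "${CONFFILE}"

# Set after the config is sourced, so the config cannot redirect the binary.
IPTABLES="/sbin/iptables"

# Print the first three octets of the IPv4 address ifconfig reports for $1.
# The parsing expects the "inet addr:a.b.c.d  Bcast:..." output format; on
# any other format the result is empty or meaningless. The value is only
# used in progress labels, never in a rule.
iface_net_prefix() {
  /sbin/ifconfig "$1" \
    | grep "inet ad" \
    | sed -e 's/ Bcast.*$//; s/.*://; s/ //' \
    | awk -F. '{print $1"."$2"."$3}'
}

# Empty the filter chains and the nat PREROUTING/POSTROUTING chains.
# Called directly instead of re-executing "$0 flush", which depended on how
# the script was invoked and sourced the configuration a second time.
flush_rules() {
  action "flushing Rules INPUT" "${IPTABLES}" -F INPUT
  action "flushing Rules OUTPUT" "${IPTABLES}" -F OUTPUT
  action "flushing Rules FORWARD" "${IPTABLES}" -F FORWARD
  action "flushing Rules POSTROUTING" "${IPTABLES}" -t nat --flush POSTROUTING
  action "flushing Rules PREROUTING" "${IPTABLES}" -t nat --flush PREROUTING
}

case "$1" in
  see)
    gprintf " - Filter rules"
    "${IPTABLES}" -L -t filter -v -n
    echo
    gprintf " - NAT rules"
    "${IPTABLES}" -L -t nat -v -n
    # Mangle table listing is disabled:
    # gprintf "Mangle rules"
    # iptables -L -t mangle -v -n
    # echo
    gprintf " -end-"
    ;;
  share)
    # Fail early instead of handing iptables an empty interface name.
    if [ -z "${CLIC_INTERFACE}" ] || [ -z "${EXTERNAL_INTERFACE}" ]; then
      echo "CLIC_INTERFACE and EXTERNAL_INTERFACE must be set in ${CONFFILE}" >&2
      exit 1
    fi
    IPBASE_CLIC="$(iface_net_prefix "${CLIC_INTERFACE}")"
    IPBASE_EXTERNAL="$(iface_net_prefix "${EXTERNAL_INTERFACE}")"

    flush_rules
    # No FORWARD rules are installed here: which traffic is routed between
    # the two interfaces is decided by the FORWARD chain's policy alone.
    action "Postrouting ${IPBASE_CLIC} " \
      "${IPTABLES}" -t nat -A POSTROUTING -o "${CLIC_INTERFACE}" -j MASQUERADE
    action "Postrouting ${IPBASE_EXTERNAL}" \
      "${IPTABLES}" -t nat -A POSTROUTING -o "${EXTERNAL_INTERFACE}" -j MASQUERADE

    # Enable routing last, once the NAT rules are in place, and report a
    # failed write (e.g. not running as root) instead of ignoring it.
    if ! echo 1 > /proc/sys/net/ipv4/ip_forward; then
      echo "Cannot enable IPv4 forwarding" >&2
      exit 1
    fi
    ;;
  flush)
    flush_rules
    ;;
  *)
    gprintf "usage rapidfirewall : {see|share|flush}\n" >&2
    # A missing or unknown action is an error for the caller.
    exit 1
    ;;
esac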