Tree - rpms/arptables - CentOS Git server

rpms / arptables

Files

Blob Blame History Raw

 #!/bin/sh
# config: /etc/sysconfig/arptables
 
# Source 'em up
. /etc/init.d/functions
 
ARPTABLES_CONFIG=/etc/sysconfig/arptables
 
arp_table() {
	if fgrep -qsx $1 /proc/net/arp_tables_names; then
		arptables -t "$@"
	fi
}
 
flush_delete_chains() {
	chains=$(cat /proc/net/arp_tables_names 2>/dev/null)
	echo -n $"Flushing all chains:"
	let ret=0
	for i in $chains; do arptables -t $i -F; let ret+=$?; done
	arptables -F; let ret+=$?
	if [ $ret -eq 0 ]; then
		success
	else
		failure
	fi
	echo
 
	echo -n $"Removing user defined chains:"
	let ret=0
	for i in $chains; do arptables -t $i -X; let ret+=$?; done
	arptables -X; let ret+=$?
	if [ $ret -eq 0 ]; then
		success
	else
		failure
	fi
	echo
}
 
start() {
	if [ ! -x /usr/sbin/arptables ]; then
		exit 4
	fi
 
	# don't do squat if we don't have the config file
	if [ -f $ARPTABLES_CONFIG ]; then
		# If we don't clear these first, we might be adding to
		# pre-existing rules.
                flush_delete_chains
 
		for i in $(cat /proc/net/arp_tables_names 2>/dev/null); do
			arptables -t $i -Z;
		done
 
		echo -n $"Applying arptables firewall rules: "
		/usr/sbin/arptables-restore < $ARPTABLES_CONFIG && \
			success || \
			failure
		echo
		touch /var/lock/subsys/arptables
	else
		failure
		echo
		echo $"Configuration file /etc/sysconfig/arptables missing"
		exit 6
	fi
}
 
stop() {
        flush_delete_chains
	echo -n $"Resetting built-in chains to the default ACCEPT policy:"
	arp_table filter -P INPUT ACCEPT && \
		arp_table filter -P OUTPUT ACCEPT && \
		success || \
		failure
	echo
	rm -f /var/lock/subsys/arptables
}
 
case "$1" in
start)
	start
	;;
 
stop)
	stop
	;;
 
restart|reload)
	# "restart" is really just "start" as this isn't a daemon,
	# and "start" clears any pre-defined rules anyway.
	# This is really only here to make those who expect it happy
	start
	;;
 
condrestart|try-restart|force-reload)
	[ -e /var/lock/subsys/arptables ] && start
	;;
 
*)
	exit 2
esac
 
exit 0

	#!/bin/sh
	# config: /etc/sysconfig/arptables

	# Source 'em up
	. /etc/init.d/functions

	ARPTABLES_CONFIG=/etc/sysconfig/arptables

	arp_table() {
	if fgrep -qsx $1 /proc/net/arp_tables_names; then
	arptables -t "$@"
	fi
	}

	flush_delete_chains() {
	chains=$(cat /proc/net/arp_tables_names 2>/dev/null)
	echo -n $"Flushing all chains:"
	let ret=0
	for i in $chains; do arptables -t $i -F; let ret+=$?; done
	arptables -F; let ret+=$?
	if [ $ret -eq 0 ]; then
	success
	else
	failure
	fi
	echo

	echo -n $"Removing user defined chains:"
	let ret=0
	for i in $chains; do arptables -t $i -X; let ret+=$?; done
	arptables -X; let ret+=$?
	if [ $ret -eq 0 ]; then
	success
	else
	failure
	fi
	echo
	}

	start() {
	if [ ! -x /usr/sbin/arptables ]; then
	exit 4
	fi

	# don't do squat if we don't have the config file
	if [ -f $ARPTABLES_CONFIG ]; then
	# If we don't clear these first, we might be adding to
	# pre-existing rules.
	flush_delete_chains

	for i in $(cat /proc/net/arp_tables_names 2>/dev/null); do
	arptables -t $i -Z;
	done

	echo -n $"Applying arptables firewall rules: "
	/usr/sbin/arptables-restore < $ARPTABLES_CONFIG && \
	success \|\| \
	failure
	echo
	touch /var/lock/subsys/arptables
	else
	failure
	echo
	echo $"Configuration file /etc/sysconfig/arptables missing"
	exit 6
	fi
	}

	stop() {
	flush_delete_chains
	echo -n $"Resetting built-in chains to the default ACCEPT policy:"
	arp_table filter -P INPUT ACCEPT && \
	arp_table filter -P OUTPUT ACCEPT && \
	success \|\| \
	failure
	echo
	rm -f /var/lock/subsys/arptables
	}

	case "$1" in
	start)
	start
	;;

	stop)
	stop
	;;

	restart\|reload)
	# "restart" is really just "start" as this isn't a daemon,
	# and "start" clears any pre-defined rules anyway.
	# This is really only here to make those who expect it happy
	start
	;;

	condrestart\|try-restart\|force-reload)
	[ -e /var/lock/subsys/arptables ] && start
	;;

	*)
	exit 2
	esac

	exit 0

rpms / arptables

Source Code

Files