aboutsummaryrefslogtreecommitdiff
path: root/share/provision/files/njalla-wireguard/usr/local/bin
diff options
context:
space:
mode:
authorSilvio Rhatto <rhatto@riseup.net>2020-11-06 19:33:02 -0300
committerSilvio Rhatto <rhatto@riseup.net>2020-11-06 19:33:02 -0300
commita95c84c5cc9cdd4bced26bdb2c5c1908ffcaa6b5 (patch)
treef1be0c3a1f1a738b1522816498078732917adac9 /share/provision/files/njalla-wireguard/usr/local/bin
parent44aa200f3fc65c52b58bb49533bbfd17530911d0 (diff)
downloadkvmx-a95c84c5cc9cdd4bced26bdb2c5c1908ffcaa6b5.tar.gz
kvmx-a95c84c5cc9cdd4bced26bdb2c5c1908ffcaa6b5.tar.bz2
Feat: provision: njalla-wireguard: firewall config
Diffstat (limited to 'share/provision/files/njalla-wireguard/usr/local/bin')
-rwxr-xr-xshare/provision/files/njalla-wireguard/usr/local/bin/fermreload.sh39
1 files changed, 39 insertions, 0 deletions
diff --git a/share/provision/files/njalla-wireguard/usr/local/bin/fermreload.sh b/share/provision/files/njalla-wireguard/usr/local/bin/fermreload.sh
new file mode 100755
index 0000000..cebf7cc
--- /dev/null
+++ b/share/provision/files/njalla-wireguard/usr/local/bin/fermreload.sh
@@ -0,0 +1,39 @@
+#!/bin/bash
+#
+# fermreload.sh
+# V: 0.1
+#
+# Reloads the ferm firewall ruleset and is invoked by
+# the udev via /etc/udev/rules.d/81-vpn-firewall.rules.
+#
+# IPredator 2014
+# Released under the Kopimi license.
+#
+# Blog post: https://blog.ipredator.se/linux-firewall-howto.html
+#
+
+LOGGER=/usr/bin/logger
+LOGGER_TAG=$0
+
+UDEV_ACTION=$1
+
+FERM=/usr/sbin/ferm
+FERM_CONF=/etc/ferm/ferm.conf
+
+MSG_FW_RULE_ADD="Adding VPN firewall rules."
+MSG_FW_RULE_REMOVE="Removing VPN firewall rules."
+MSG_UDEV_ACTION_UNKNOWN="Unknown udev action."
+
+case "$UDEV_ACTION" in
+ add)
+ $LOGGER -t $LOGGER_TAG $MSG_FW_RULE_ADD
+ $FERM $FERM_CONF
+ ;;
+ remove)
+ $LOGGER -t $LOGGER_TAG $MSG_FW_RULE_REMOVE
+ $FERM $FERM_CONF
+ ;;
+ *)
+ $LOGGER -t $LOGGER_TAG $MSG_UDEV_ACTION_UNKNOWN
+ exit 1
+esac