aboutsummaryrefslogtreecommitdiff
path: root/share/provision/ipredator
diff options
context:
space:
mode:
authorSilvio Rhatto <rhatto@riseup.net>2019-01-03 17:01:29 -0200
committerSilvio Rhatto <rhatto@riseup.net>2019-01-03 17:01:29 -0200
commit81fbd1a3b93b8ec7abc5af38e9ffa4fa492e3f74 (patch)
tree8c60706bd046ebdb33f8953402772dba160de815 /share/provision/ipredator
parent35e0621effa975cfe0e64d1bd5c71bda69c65332 (diff)
downloadkvmx-81fbd1a3b93b8ec7abc5af38e9ffa4fa492e3f74.tar.gz
kvmx-81fbd1a3b93b8ec7abc5af38e9ffa4fa492e3f74.tar.bz2
Provision: IPredator: firewall support
Diffstat (limited to 'share/provision/ipredator')
-rwxr-xr-xshare/provision/ipredator12
1 files changed, 11 insertions, 1 deletions
diff --git a/share/provision/ipredator b/share/provision/ipredator
index 8ceb348..ca762c9 100755
--- a/share/provision/ipredator
+++ b/share/provision/ipredator
@@ -29,7 +29,17 @@ APT_INSTALL="sudo LC_ALL=C DEBIAN_FRONTEND=noninteractive apt-get install -y"
# Provision the basic stuff
$DIRNAME/vpn $HOSTNAME $DOMAIN $MIRROR
-# ipredator
+# Firewall
+# See https://blog.ipredator.se/linux-firewall-howto.html
+$APT_INSTALL ferm ulogd2 ulogd2-pcap
+sudo cp $DIRNAME/files/ipredator/etc/ferm/ferm.conf /etc/ferm
+sudo cp $DIRNAME/files/ipredator/etc/udev/rules.d/81-vpn-firewall.rules /etc/udev/rules.d
+sudo cp $DIRNAME/files/ipredator/usr/local/bin/fermreload.sh /usr/local/bin
+sudo chmod 555 /usr/local/bin/fermreload.sh
+sudo sed -i -e 's/^ENABLED=.*$/ENABLED="yes"/' /etc/default/ferm
+sudo service ferm restart
+
+# IPredator
# See https://www.ipredator.se/guide/openvpn/debian/native
sudo cp $DIRNAME/files/ipredator/etc/openvpn/ipredator.conf /etc/openvpn
sudo touch /etc/openvpn/ipredator.auth