#!/bin/sh # ----------------------------------------------------------------------------- # ------------------------[ MANAGED BY PUPPET ]-------------------------------- # ----------------------------------------------------------------------------- # # ferm Configure ferm firewall rules from /etc/ferm.conf # # Inspired by Max Kellermann # # Version: $Revision: 001 $ ### BEGIN INIT INFO # Provides: ferm # Required-Start: $network $remote_fs # Required-Stop: $network $remote_fs # Default-Start: 2 3 4 5 # Default-Stop: 0 1 6 # Description: Starts ferm firewall configuration # short-description: ferm firewall configuration ### END INIT INFO PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin FERM=/usr/sbin/ferm CONFIG=/etc/ferm.conf NAME=ferm DESC="firewall" test -x "${FERM}" || exit 0 test -f "${CONFIG}" || exit 0 # shellcheck disable=SC1091 [ -r /etc/sysconfig/ferm ] && . /etc/sysconfig/ferm lockfile=/var/lock/subsys/$NAME umask 0077 FAST=${FAST:-yes} OPTIONS="${OPTIONS}" set -e # shellcheck disable=SC2086 configure_ferm() { if [ "${FAST}" = "yes" ]; then ${FERM} ${OPTIONS} ${CONFIG} || return ${?} else ${FERM} ${OPTIONS} --slow ${CONFIG} || return ${?} fi } case "${1}" in start|reload|restart|force-reload) # shellcheck disable=SC2039 echo -n "${1}ing ${DESC}" "${NAME}" configure_ferm RETVAL=$? if [ $RETVAL -eq 0 ]; then touch $lockfile echo " ... ok." else echo "... failed!" fi exit $RETVAL ;; stop) # shellcheck disable=SC2039 echo -n "stopping ${DESC}" "${NAME}" OPTIONS="${OPTIONS} --flush" configure_ferm RETVAL=$? if [ $RETVAL -eq 0 ]; then rm -f $lockfile echo " ... ok." else echo "... failed!" fi exit $RETVAL ;; status) if [ -f $lockfile ]; then echo "${NAME} has configured iptables rules." else echo "${NAME} has NOT configured iptables rules." exit 1 fi ;; *) N=/etc/init.d/${NAME} echo "Usage: ${N} {start|stop|restart|reload|force-reload|status}" exit 1 ;; esac exit 0