#!/bin/sh
# -----------------------------------------------------------------------------
# ------------------------[ MANAGED BY PUPPET ]--------------------------------
# -----------------------------------------------------------------------------
#
# ferm Configure ferm firewall rules from /etc/ferm.conf
#
# Inspired by Max Kellermann <max@duempel.org>
#
# Version: $Revision: 001 $
### BEGIN INIT INFO
# Provides: ferm
# Required-Start: $network $remote_fs
# Required-Stop: $network $remote_fs
# Default-Start: 2 3 4 5
# Default-Stop: 0 1 6
# Description: Starts ferm firewall configuration
# short-description: ferm firewall configuration
### END INIT INFO
# Use a fixed command search path rather than the one inherited from the caller.
PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin
NAME=ferm
DESC="firewall"
FERM=/usr/sbin/ferm
CONFIG=/etc/ferm.conf

# Exit quietly, with success, when the ferm binary or its rule file is absent.
[ -x "${FERM}" ] || exit 0
[ -f "${CONFIG}" ] || exit 0

# Optional site overrides. The file is executed as shell code with this
# script's privileges and can replace any variable assigned above (FERM and
# CONFIG included), so it should be writable by root only.
if [ -r /etc/sysconfig/ferm ]; then
    # shellcheck disable=SC1091
    . /etc/sysconfig/ferm
fi

# Marker file that the "status" action checks; NAME may have been overridden
# by the sysconfig file, hence the assignment after sourcing it.
lockfile=/var/lock/subsys/${NAME}

# Anything this script creates from here on (the lock file) is owner-only.
umask 0077

# Defaults: fast mode unless the environment or the sysconfig file says
# otherwise; OPTIONS is kept as given (empty when unset).
: "${FAST:=yes}"
OPTIONS="${OPTIONS:-}"

# From this point an unchecked failing command terminates the script.
set -e
#######################################
# Run ferm against the configured rule file.
# Globals:   FERM, OPTIONS, CONFIG, FAST (all read)
# Arguments: none
# Returns:   0 on success, otherwise the exit status of ferm
#######################################
# shellcheck disable=SC2086
configure_ferm() {
    # OPTIONS is split into words on purpose: it carries zero or more flags.
    set -- ${OPTIONS}

    # Any FAST value other than "yes" adds --slow after the user options.
    [ "${FAST}" = "yes" ] || set -- "$@" --slow

    # FERM and CONFIG stay unquoted so they expand exactly as they always have.
    ${FERM} "$@" ${CONFIG} || return ${?}
}
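# Dispatch on the requested init action.
#
# Exit status: the status of ferm for start/stop-style actions, 1 for
# "status" when the lock file is missing and for an unknown action, else 0.
#
# The script runs under `set -e`, so the status of configure_ferm is captured
# with `|| RETVAL=$?`. Calling it as a bare command would terminate the script
# on failure before the "failed!" message could be printed.
case "${1}" in
    start|reload|restart|force-reload)
        # printf instead of `echo -n`, which /bin/sh is not required to support.
        printf '%s %s' "${1}ing ${DESC}" "${NAME}"
        RETVAL=0
        configure_ferm || RETVAL=$?
        if [ "${RETVAL}" -eq 0 ]; then
            touch "${lockfile}"
            echo " ... ok."
        else
            # The lock file is left as it was, so after a failed reload
            # "status" still reports the result of an earlier successful run.
            echo "... failed!"
        fi
        exit "${RETVAL}"
        ;;
    stop)
        printf '%s %s' "stopping ${DESC}" "${NAME}"
        # NOTE(review): per ferm's documentation --flush clears the rules and
        # sets chain policies to ACCEPT, i.e. "stop" leaves the host
        # unfiltered rather than locked down -- confirm this is intended.
        OPTIONS="${OPTIONS} --flush"
        RETVAL=0
        configure_ferm || RETVAL=$?
        if [ "${RETVAL}" -eq 0 ]; then
            rm -f "${lockfile}"
            echo " ... ok."
        else
            echo "... failed!"
        fi
        exit "${RETVAL}"
        ;;
    status)
        # Only the lock file is consulted; the live iptables state is not
        # inspected, so rules changed outside this script are not reflected.
        if [ -f "${lockfile}" ]; then
            echo "${NAME} has configured iptables rules."
        else
            echo "${NAME} has NOT configured iptables rules."
            exit 1
        fi
        ;;
    *)
        N=/etc/init.d/${NAME}
        echo "Usage: ${N} {start|stop|restart|reload|force-reload|status}"
        exit 1
        ;;
esac
exit 0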