#!/bin/sh
#
#  This is automatically generated file. DO NOT MODIFY !
#
#  Firewall Builder  fwb_ipfw v4.2.0.3499
#
#  Generated Sat Mar 12 19:44:44 2011 PST by vadim
#
# files: * firewall7.fw /etc/firewall7.fw
#
#
#
# Compiled for ipfw 
#
# testing rules with broadcasts





cd /etc || exit 1

IFCONFIG="/sbin/ifconfig"
PFCTL="/sbin/pfctl"
IPFW="/sbin/ipfw"
IPF="/sbin/ipf"
IPNAT="/sbin/ipnat"
SYSCTL="/sbin/sysctl"
LOGGER="/usr/bin/logger"

log() {
    echo "$1"
    command -v "$LOGGER" >/dev/null 2>&1 && $LOGGER -p info "$1"
}

diff_intf() {
    func=$1
    list1=$2
    list2=$3
    cmd=$4
    for intf in $list1
    do
        echo $list2 | grep -q $intf || {
        # $vlan is absent in list 2
            $func $intf $cmd
        }
    done
}

verify_interfaces() {
    :
    
}

set_kernel_vars() {
    :
    
}

prolog_commands() {
    echo "Running prolog script"
    
}

epilog_commands() {
    echo "Running epilog script"
    
}

run_epilog_and_exit() {
    epilog_commands
    exit $1
}

configure_interfaces() {
    :
    
}

log "Activating firewall script generated Sat Mar 12 19:44:44 2011 by vadim"

set_kernel_vars
configure_interfaces
prolog_commands

"$IPFW" set disable 1
"$IPFW" add 1 set 1 check-state ip from any to any




# ================ IPv4


# ================ Rule set Policy
# 
# Rule  0 (eth0)
"$IPFW" add 10 set 1 drop    log all  from any  to 192.168.1.255  in  recv eth0  || exit 1
# 
# Rule  1 (eth1)
"$IPFW" add 20 set 1 drop    log all  from any  to me  in  recv eth1  || exit 1
# 
# Rule  2 (global)
"$IPFW" add 30 set 1 permit udp  from any  to 192.168.1.255 68     keep-state  || exit 1
# 
# Rule  fallback rule
#    fallback rule 
"$IPFW" add 40 set 1 drop   all  from any  to any       || exit 1

epilog_commands

"$IPFW" set swap 0 1 || exit 1
"$IPFW" delete set 1