1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
|
#!/bin/sh
#
# This is automatically generated file. DO NOT MODIFY !
#
# Firewall Builder fwb_ipf v4.2.0.3499
#
# Generated Sat Mar 12 19:44:27 2011 PST by vadim
#
# files: * firewall2.fw /etc/fw/firewall2.fw
# files: firewall2-ipf.conf /etc/fw/firewall2-ipf.conf
# files: firewall2-nat.conf /etc/fw/firewall2-nat.conf
#
# Compiled for ipf
#
# this object has several interfaces and shows different rules for NAT. Also testing policy rule options
# firewall2:Policy:9: warning: Changing rule direction due to self reference
# firewall2:NAT:17: warning: Expanding port range test-TCP creates 41 rules
FWDIR=`dirname $0`
IFCONFIG="/sbin/ifconfig"
PFCTL="/sbin/pfctl"
IPFW="/sbin/ipfw"
IPF="/sbin/ipf"
IPNAT="/sbin/ipnat"
SYSCTL="/sbin/sysctl"
LOGGER="/usr/bin/logger"
log() {
echo "$1"
command -v "$LOGGER" >/dev/null 2>&1 && $LOGGER -p info "$1"
}
diff_intf() {
func=$1
list1=$2
list2=$3
cmd=$4
for intf in $list1
do
echo $list2 | grep -q $intf || {
# $vlan is absent in list 2
$func $intf $cmd
}
done
}
verify_interfaces() {
:
}
set_kernel_vars() {
:
}
prolog_commands() {
:
}
epilog_commands() {
:
}
run_epilog_and_exit() {
epilog_commands
exit $1
}
configure_interfaces() {
:
}
log "Activating firewall script generated Sat Mar 12 19:44:27 2011 by vadim"
set_kernel_vars
configure_interfaces
prolog_commands
$IPF -Fa
$IPNAT -C
$IPF -I -f /etc/fw/firewall2-ipf.conf
$IPNAT -f /etc/fw/firewall2-nat.conf
$IPF -s
epilog_commands
/sbin/kldstat -n ipl.ko > /dev/null 2>&1 || $IPF -E
|
