hooks/graphicsfw : correction des règles iptables REF #12175 @1h

This commit is contained in:
Klaas TJEBBES 2016-04-18 17:15:49 +02:00
父節點 575c328926
當前提交 7c0a6e6065
共有 1 個文件被更改,包括 2 次插入5 次删除

查看文件

@ -31,12 +31,9 @@ function open_port()
for ((i = 0; i < ${#authorized_ip[*]}; i +=1))
do
${IPTABLES} -I eth0-root -s ${authorized_ip[$i]}/${authorized_netmask[$i]} -p tcp -m tcp --dport ${vm_port} --tcp-flags FIN,SYN,RST,ACK SYN -j ACCEPT
if [[ $? -eq 0 ]]
then
echo "/sbin/iptables -A eth0-root -s ${authorized_ip[$i]}/${authorized_netmask[$i]} -p tcp -m tcp --dport ${vm_port} --tcp-flags FIN,SYN,RST,ACK SYN -j ACCEPT" >> "${RULES_FILE}"
fi
[[ ${?} -eq 0 ]] && echo "/sbin/iptables -I eth0-root -s ${authorized_ip[$i]}/${authorized_netmask[$i]} -p tcp -m tcp --dport ${vm_port} --tcp-flags FIN,SYN,RST,ACK SYN -j ACCEPT" >> "${RULES_FILE}"
${IPTABLES} -I eth0-root -s $(CreoleGet one_master_ip) -p tcp -m tcp --dport ${vm_port} --tcp-flags FIN,SYN,RST,ACK SYN -j ACCEPT
[[ ${?} -eq 0 ]] && echo "/sbin/iptables -A eth0-root -s $(CreoleGet one_master_ip) -p tcp -m tcp --dport ${vm_port} --tcp-flags FIN,SYN,RST,ACK SYN -j ACCEPT" >> "${RULES_FILE}"
[[ ${?} -eq 0 ]] && echo "/sbin/iptables -I eth0-root -s $(CreoleGet one_master_ip) -p tcp -m tcp --dport ${vm_port} --tcp-flags FIN,SYN,RST,ACK SYN -j ACCEPT" >> "${RULES_FILE}"
done
}