1 |
dungog |
1.1 |
--- smeserver-dansguardian-2.9/root/etc/e-smith/templates/etc/rc.d/init.d/masq/90local_chk40networks.block8080 2008-05-30 18:07:28.000000000 +1000 |
2 |
|
|
+++ smeserver-dansguardian-2.9/root/etc/e-smith/templates/etc/rc.d/init.d/masq/90local_chk40networks 2008-05-30 18:12:04.000000000 +1000 |
3 |
|
|
@@ -1,15 +1,17 @@ |
4 |
|
|
{ |
5 |
|
|
- return "" unless ( ($dansguardian{portblocking} || "no") eq 'yes'); |
6 |
|
|
+ return "" unless ( ($dansguardian{portblocking} || "no") eq 'yes'); |
7 |
|
|
|
8 |
|
|
my $locals = "@locals"; |
9 |
|
|
if (@locals) |
10 |
|
|
{ |
11 |
|
|
- $OUT .=<<"EOF"; |
12 |
|
|
- for network in $locals |
13 |
|
|
- do |
14 |
|
|
- /sbin/iptables -A \$NEW_local_chk -s \$network -p tcp --destination-port 3128 -j DROP |
15 |
|
|
- /sbin/iptables -A \$NEW_local_chk -d \$network -p tcp --destination-port 3128 -j DROP |
16 |
|
|
- done |
17 |
|
|
+ $OUT .=<<"EOF"; |
18 |
|
|
+ for network in $locals |
19 |
|
|
+ do |
20 |
|
|
+ /sbin/iptables -A \$NEW_local_chk -d $LocalIP/$LocalNetmask -j ACCEPT |
21 |
|
|
+ /sbin/iptables -A \$NEW_local_chk -s \$network -p tcp --destination-port $squid{TransparentPort} -j DROP |
22 |
|
|
+ /sbin/iptables -A \$NEW_local_chk -s \$network -p tcp --destination-port $squid{TCPPort} -j DROP |
23 |
|
|
+ /sbin/iptables -A \$NEW_local_chk -d \$network -p tcp --destination-port $squid{TCPPort} -j DROP |
24 |
|
|
+ done |
25 |
|
|
EOF |
26 |
|
|
} |
27 |
|
|
} |