X-Git-Url: https://git.xandkar.net/?a=blobdiff_plain;ds=sidebyside;f=bin%2Fmypeetables;fp=bin%2Fmypeetables;h=0000000000000000000000000000000000000000;hb=a68d5744f8758fc77c34c612edac06dbc0bea129;hp=52636b194e24f82b1d849b4b1060c48bdf6d28ec;hpb=e184ff59e5cc01f9f62d0be272b77e59e149a6f1;p=khome.git
diff --git a/bin/mypeetables b/bin/mypeetables
deleted file mode 100755
index 52636b1..0000000
--- a/bin/mypeetables
+++ /dev/null
@@ -1,112 +0,0 @@
-#! /bin/bash
-
-set -e
-
-PATH="/sbin:$PATH"
-
-DIR_CFG="/home/siraaj/etc/mypeetables"
-FILE_HOSTS_BLACKLIST="$DIR_CFG/hosts_blacklist"
-FILE_PORTS_OPEN="$DIR_CFG/ports_open"
-
-set_policy__accept() {
- iptables -P INPUT ACCEPT
- iptables -P OUTPUT ACCEPT
- iptables -P FORWARD ACCEPT
-}
-
-set_policy__drop() {
- iptables -P INPUT DROP
- iptables -P OUTPUT DROP
- iptables -P FORWARD DROP
-}
-
-flush() {
- iptables -F
- iptables -X
- iptables -t nat -F
- iptables -t nat -X
- iptables -t mangle -F
- iptables -t mangle -X
-
- set_policy__accept
-}
-
-drop_offenders() {
- cat "$FILE_HOSTS_BLACKLIST" \
- | grep -v '^#' \
- | grep -v '^ *$' \
- | while read addr; do
- iptables -A INPUT -s "$addr" -j DROP
- done
-}
-
-accept() {
- # accept established connections
- iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
- iptables -A OUTPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
- iptables -A FORWARD -m state --state ESTABLISHED,RELATED -j ACCEPT
-
- # accept all traffic on loopback inteface
- iptables -A INPUT -i lo -j ACCEPT
- iptables -A OUTPUT -o lo -j ACCEPT
-
- # accept outgoing connections
- iptables -A INPUT -s $(hostname) -m state --state NEW -j ACCEPT
- iptables -A OUTPUT -m state --state NEW -j ACCEPT
-
- # accept icmp
- #iptables -A INPUT -p icmp -j ACCEPT
-
- # Services
- cat "$FILE_PORTS_OPEN" \
- | grep -v '^#' \
- | grep -v '^ *$' \
- | while read port protocol; do
- iptables \
- -A INPUT \
- -m state \
- --state NEW \
- -p "$protocol" \
- -m "$protocol" \
- --dport "$port" \
- -j ACCEPT
- done
-
-
-}
-
-reject() {
- iptables -A INPUT -j NFLOG
- iptables -A FORWARD -j NFLOG
- #iptables -A INPUT -j REJECT --reject-with icmp-host-prohibited
- #iptables -A FORWARD -j REJECT --reject-with icmp-host-prohibited
-}
-
-command_off() {
- flush
-}
-
-command_on() {
- flush
- set_policy__drop
- accept
- drop_offenders
- reject
-}
-
-failwith() {
- error_msg="$1"
- echo "$error_msg" >&2
- exit 1
-}
-
-main() {
- command="$1"
- case "$command"
- in 'on' ) command_on
- ;; 'off' ) command_off
- ;; * ) failwith "Error: Unknown command: \"$command\". Known: on, off."
- esac
-}
-
-main "$@"