mirror of
https://github.com/firehol/firehol.git
synced 2024-06-30 19:02:21 +00:00
fixed debug mode when fast activating
This commit is contained in:
parent
502d70231c
commit
ae235d6500
43
firehol.sh
43
firehol.sh
@ -7013,6 +7013,7 @@ fi
|
||||
|
||||
# XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
|
||||
|
||||
# clear all chains
|
||||
firehol_filter_chains=
|
||||
initialize_firewall() {
|
||||
load_kernel_module ip_tables
|
||||
@ -7054,6 +7055,18 @@ initialize_firewall() {
|
||||
done
|
||||
}
|
||||
|
||||
# drop everything
|
||||
finalize_firewall() {
|
||||
# Make it drop everything on table 'filter'.
|
||||
local c=
|
||||
for c in ${firehol_filter_chains}
|
||||
do
|
||||
${IPTABLES_CMD} -t filter -P "${c}" DROP || exit 1
|
||||
done
|
||||
}
|
||||
|
||||
# this will be run when the first iptables command get executed in pre-process mode.
|
||||
# so that its commands are prepended to the other iptables commands of the firewall
|
||||
firewall_policy_applied=0
|
||||
firewall_policy() {
|
||||
firewall_policy_applied=1
|
||||
@ -7079,14 +7092,6 @@ firewall_policy() {
|
||||
fi
|
||||
}
|
||||
|
||||
finalize_firewall() {
|
||||
# Make it drop everything on table 'filter'.
|
||||
local c=
|
||||
for c in ${firehol_filter_chains}
|
||||
do
|
||||
${IPTABLES_CMD} -t filter -P "${c}" DROP || exit 1
|
||||
done
|
||||
}
|
||||
|
||||
# XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
|
||||
|
||||
@ -7162,16 +7167,6 @@ fi
|
||||
success $"FireHOL: Processing file ${FIREHOL_CONFIG}:"
|
||||
echo
|
||||
|
||||
# XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
|
||||
# if we just debugging things, do not proceed further
|
||||
|
||||
if [ "${FIREHOL_MODE}" = "DEBUG" ]
|
||||
then
|
||||
${CAT_CMD} ${FIREHOL_OUTPUT}
|
||||
|
||||
exit 1
|
||||
fi
|
||||
|
||||
# XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
|
||||
|
||||
|
||||
@ -7190,6 +7185,12 @@ then
|
||||
) >>${FIREHOL_OUTPUT}.fast
|
||||
done
|
||||
|
||||
if [ "${FIREHOL_MODE}" = "DEBUG" ]
|
||||
then
|
||||
${CAT_CMD} ${FIREHOL_OUTPUT}.fast
|
||||
exit 1
|
||||
fi
|
||||
|
||||
syslog info "Activating new firewall from ${FIREHOL_CONFIG} (translated to ${FIREHOL_COMMAND_COUNTER} iptables rules)."
|
||||
echo -n $"FireHOL: Fast activating new firewall:"
|
||||
|
||||
@ -7209,6 +7210,12 @@ then
|
||||
|
||||
else
|
||||
|
||||
if [ "${FIREHOL_MODE}" = "DEBUG" ]
|
||||
then
|
||||
${CAT_CMD} ${FIREHOL_OUTPUT}
|
||||
exit 1
|
||||
fi
|
||||
|
||||
syslog info "Activating new firewall from ${FIREHOL_CONFIG} (translated to ${FIREHOL_COMMAND_COUNTER} iptables rules)."
|
||||
echo -n $"FireHOL: Activating new firewall (${FIREHOL_COMMAND_COUNTER} rules):"
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user