Commit c0a3e81b authored by Imran Hussain's avatar Imran Hussain

Push up the actual firewall rules running on games...

parent e867e810
#!/bin/bash
### BEGIN INIT INFO
# Provides: games-firewall
# Required-Start: $network $syslog $remote_fs
# Required-Stop: $network $syslog $remote_fs
# Default-Start: 2 3 4 5
# Default-Stop: 0 1 6
# Short-Description: Set firewall rules and clear games user table
# Description: Sets default INPUT policy to DROP and adds default
# rules for access from SUCS and for exposed services.
# Sets default INPUT policy to accept when stopped.
# The game server user table is purged when the firewall
# is started or stopped in order to ensure it reflects the
# current firewall state.
### END INIT INFO
start(){
/sbin/iptables -F INPUT
/sbin/iptables -P INPUT DROP
/sbin/iptables -A INPUT -i lo -j ACCEPT
/sbin/iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
/sbin/iptables -A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
/sbin/iptables -A INPUT -s 137.44.10.0/24 -j ACCEPT
/sbin/iptables -A INPUT -p TCP --dport 80 -j ACCEPT
/sbin/iptables -A INPUT -p TCP --dport 443 -j ACCEPT
/usr/local/src/gameauth/empty_users_table.py
/var/www/gameauth/gameauth-task.php
}
stop(){
/sbin/iptables -F INPUT
/sbin/iptables -P INPUT ACCEPT
/usr/local/src/gameauth/empty_users_table.py
/var/www/gameauth/gameauth-task.php
}
case "$1" in
start)
start
;;
stop)
stop
;;
*)
echo "Usage: $0 {start|stop}"
exit 1
esac
start)
echo -n "Starting firewall..."
start
echo "done."
;;
stop)
echo -n "Stopping firewall..."
stop
echo "done."
;;
restart)
echo -n "Restarting firewall..."
stop
start
echo "done."
;;
force-reload)
echo -n "Restarting firewall..."
stop
start
echo "done."
;;
*)
echo "Usage: $0 {start|stop|restart|force-reload}"
echo "restart and force-reload are equivalent"
exit 1
esac
\ No newline at end of file
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment