|
@ -112,14 +112,26 @@ function prepare_nftables() { |
|
|
fi |
|
|
fi |
|
|
|
|
|
|
|
|
current_target="${TARGET:-not_defined_yet}" |
|
|
current_target="${TARGET:-not_defined_yet}" |
|
|
|
|
|
desktop=false |
|
|
|
|
|
samba=false |
|
|
if [[ $current_target == not_defined_yet ]]; then |
|
|
if [[ $current_target == not_defined_yet ]]; then |
|
|
echo -n "generating new firewall table first time... " |
|
|
echo -n "generating new firewall table first time... " |
|
|
|
|
|
else |
|
|
|
|
|
if [[ $current_target == 'dev' ]]; then |
|
|
|
|
|
if exist_command 'xprop'; then |
|
|
|
|
|
desktop=true |
|
|
|
|
|
fi |
|
|
|
|
|
if exist_command 'smbstatus'; then |
|
|
|
|
|
samba=true |
|
|
|
|
|
fi |
|
|
|
|
|
echo -n "generating new firewall table according to target=<${current_target}>, desktop=<$desktop>, samba=<$samba> ..." |
|
|
else |
|
|
else |
|
|
echo -n "generating new firewall table according to target=<${current_target}>..." |
|
|
echo -n "generating new firewall table according to target=<${current_target}>..." |
|
|
fi |
|
|
fi |
|
|
sudo env target="$current_target" tera -e --env-only --env-key env -t "$MIAOU_BASEDIR/templates/nftables/firewall.table.j2" -o /etc/nftables.rules.d/firewall.table &>/dev/null |
|
|
|
|
|
|
|
|
fi |
|
|
|
|
|
sudo env target="$current_target" desktop="$desktop" samba="$samba" tera -e --env-only --env-key env -t "$MIAOU_BASEDIR/templates/nftables/firewall.table.j2" -o /etc/nftables.rules.d/firewall.table &>/dev/null |
|
|
sudo systemctl reload nftables |
|
|
sudo systemctl reload nftables |
|
|
echo "OK" |
|
|
|
|
|
|
|
|
PREFIX="" echoinfo "DONE" |
|
|
|
|
|
|
|
|
} |
|
|
} |
|
|
|
|
|
|
|
@ -196,7 +208,7 @@ function trap_error() { |
|
|
# test all commands exist, else fail |
|
|
# test all commands exist, else fail |
|
|
function exist_command() { |
|
|
function exist_command() { |
|
|
for i in "$@"; do |
|
|
for i in "$@"; do |
|
|
command -v "$i" &>/dev/null || return 50 |
|
|
|
|
|
|
|
|
command -v "$i" >/dev/null || return 50 |
|
|
done |
|
|
done |
|
|
} |
|
|
} |
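Review bot: In the `prepare_nftables` hunk, the new `tera` render line still redirects with `&>/dev/null` and is followed directly by `sudo systemctl reload nftables`, so a failed or partial render of `/etc/nftables.rules.d/firewall.table` is invisible. Whether the reload is then skipped depends on errexit/trap settings that are not visible here, and a failure is more likely now that the template also takes `desktop` and `samba`. I would keep stderr (`>/dev/null`, as the `exist_command` hunk appears to do) and validate before reloading, e.g. `sudo nft -c -f <main ruleset file> || return 1`. Separately, `desktop` and `samba` are inferred from `xprop` / `smbstatus` being on PATH, so installing a package on a `dev` host changes the rendered firewall on the next run; the template is not shown, but presumably it allows extra traffic for them. That deserves a comment above the two checks, such as `# dev only: presence of these tools changes what firewall.table.j2 allows`. The function body begins above the hunk, so earlier setup is not visible.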
|
|
|
|
|
|
|
|