| Andy Bavier | 8d51c6c | 2015-04-01 11:40:22 -0400 | [diff] [blame] | 1 | #!/bin/sh |
| 2 | |
| 3 | SHELL="/bin/bash" |
| 4 | |
| 5 | NIC=$( route|grep default|awk '{print$8}' ) |
| 6 | PORTAL=$( dig +short portal.opencloud.us ) |
| 7 | |
| 8 | NAME="${1}" |
| 9 | OP="${2}" |
| 10 | SUBOP="${3}" |
| 11 | ARGS="${4}" |
| 12 | |
| 13 | add_rule() { |
| 14 | ARGS=$1 |
| 15 | iptables -C FORWARD $ARGS |
| 16 | if [ "$?" -ne 0 ] |
| 17 | then |
| 18 | iptables -I FORWARD 1 $ARGS |
| 19 | fi |
| 20 | } |
| 21 | |
| 22 | add_local_access_rules() { |
| 23 | SUBNET=$( ip addr show $NIC|grep "inet "|awk '{print $2}' ) |
| 24 | add_rule "-s $SUBNET -j ACCEPT" |
| 25 | } |
| 26 | |
| 27 | add_portal_access_rules() { |
| 28 | add_rule "-s $PORTAL -j ACCEPT" |
| 29 | } |
| 30 | |
| 31 | add_web_access_rules() { |
| 32 | add_rule "-p tcp --dport 80 -j ACCEPT" |
| 33 | } |
| 34 | |
| 35 | if [ "$OP" = "start" ] |
| 36 | then |
| 37 | add_local_access_rules |
| 38 | add_portal_access_rules |
| 39 | add_web_access_rules |
| 40 | fi |