|
|
@ -157,6 +157,9 @@ fw_defaults() { |
|
|
|
config_get syn_rate $1 syn_rate |
|
|
|
config_get syn_rate $1 syn_rate |
|
|
|
config_get syn_burst $1 syn_burst |
|
|
|
config_get syn_burst $1 syn_burst |
|
|
|
[ "$syn_flood" == "1" ] && load_synflood $syn_rate $syn_burst |
|
|
|
[ "$syn_flood" == "1" ] && load_synflood $syn_rate $syn_burst |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
echo "Adding custom chains" |
|
|
|
|
|
|
|
fw_custom_chains |
|
|
|
|
|
|
|
|
|
|
|
$IPTABLES -N input |
|
|
|
$IPTABLES -N input |
|
|
|
$IPTABLES -N output |
|
|
|
$IPTABLES -N output |
|
|
@ -170,9 +173,6 @@ fw_defaults() { |
|
|
|
$IPTABLES -A reject -p tcp -j REJECT --reject-with tcp-reset |
|
|
|
$IPTABLES -A reject -p tcp -j REJECT --reject-with tcp-reset |
|
|
|
$IPTABLES -A reject -j REJECT --reject-with icmp-port-unreachable |
|
|
|
$IPTABLES -A reject -j REJECT --reject-with icmp-port-unreachable |
|
|
|
|
|
|
|
|
|
|
|
echo "Adding custom chains" |
|
|
|
|
|
|
|
fw_custom_chains |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
fw_set_chain_policy INPUT "$DEF_INPUT" |
|
|
|
fw_set_chain_policy INPUT "$DEF_INPUT" |
|
|
|
fw_set_chain_policy OUTPUT "$DEF_OUTPUT" |
|
|
|
fw_set_chain_policy OUTPUT "$DEF_OUTPUT" |
|
|
|
fw_set_chain_policy FORWARD "$DEF_FORWARD" |
|
|
|
fw_set_chain_policy FORWARD "$DEF_FORWARD" |
|
|
|