|
|
|
@ -16,6 +16,9 @@ FW_DEFAULT_INPUT_POLICY=REJECT |
|
|
|
|
FW_DEFAULT_OUTPUT_POLICY=REJECT |
|
|
|
|
FW_DEFAULT_FORWARD_POLICY=REJECT |
|
|
|
|
|
|
|
|
|
FW_DISABLE_IPV4=0 |
|
|
|
|
FW_DISABLE_IPV6=0 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
fw_load_defaults() { |
|
|
|
|
fw_config_get_section "$1" defaults { \ |
|
|
|
@ -34,6 +37,7 @@ fw_load_defaults() { |
|
|
|
|
boolean accept_redirects 0 \ |
|
|
|
|
boolean accept_source_route 0 \ |
|
|
|
|
boolean custom_chains 1 \ |
|
|
|
|
boolean disable_ipv6 0 \ |
|
|
|
|
} || return |
|
|
|
|
[ -n "$FW_DEFAULTS_APPLIED" ] && { |
|
|
|
|
echo "Error: multiple defaults sections detected" |
|
|
|
@ -50,6 +54,8 @@ fw_load_defaults() { |
|
|
|
|
FW_ACCEPT_REDIRECTS=$defaults_accept_redirects |
|
|
|
|
FW_ACCEPT_SRC_ROUTE=$defaults_accept_source_route |
|
|
|
|
|
|
|
|
|
FW_DISABLE_IPV6=$defaults_disable_ipv6 |
|
|
|
|
|
|
|
|
|
fw_callback pre defaults |
|
|
|
|
|
|
|
|
|
# Seems like there are only one sysctl for both IP versions. |
|
|
|
@ -96,7 +102,7 @@ fw_load_defaults() { |
|
|
|
|
fw add i f forwarding_rule |
|
|
|
|
fw add i n prerouting_rule |
|
|
|
|
fw add i n postrouting_rule |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
fw add i f INPUT input_rule |
|
|
|
|
fw add i f OUTPUT output_rule |
|
|
|
|
fw add i f FORWARD forwarding_rule |
|
|
|
|