diff options
| author | Jouke Witteveen <j.witteveen@gmail.com> | 2012-04-10 19:28:31 +0200 |
|---|---|---|
| committer | Jouke Witteveen <j.witteveen@gmail.com> | 2012-04-10 19:28:31 +0200 |
| commit | fda34d4a6c03e919786b26876d6a9c051119db1d (patch) | |
| tree | ab17b53150d53089b1211fa7afcbe4278d9076cf /contrib | |
| parent | bc66a6906c5a1a55c5c9adc7c69f2370327db139 (diff) | |
| download | netctl-fda34d4a6c03e919786b26876d6a9c051119db1d.tar.gz netctl-fda34d4a6c03e919786b26876d6a9c051119db1d.tar.xz | |
Location based firewall support (FS#26380)
Provide a sample hook file for supporting firewall rule sets based on network 'locations'.
Diffstat (limited to 'contrib')
| -rwxr-xr-x | contrib/iptables.hook | 17 |
1 files changed, 17 insertions, 0 deletions
diff --git a/contrib/iptables.hook b/contrib/iptables.hook new file mode 100755 index 0000000..95546ba --- /dev/null +++ b/contrib/iptables.hook @@ -0,0 +1,17 @@ +### Sample netcfg hook script for location based firewall rules. +### To install, make this executable and put it in /usr/lib/network/hooks + +### USAGE +## You need to have iptables installed to use this script. +## Add a location to your network profile and add firewall to your POST_UP. +## The iptables setup in /etc/iptables/$LOCATION.rules will now be loaded +## automatically when a connection is established. +## +## Sample excerpt from the profile: +## LOCATION="library" +## POST_UP="firewall" + +function firewall { + /usr/sbin/iptables-restore < "/etc/iptables/$LOCATION.rules" +} + |