
Commit 2221964

committed
Adapt firewall-port to IPv6
Signed-off-by: Benjamin Reis <[email protected]>
1 parent b6619b5 commit 2221964


1 file changed

+31
-14
lines changed


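--- a/scripts/plugins/firewall-port
+++ b/scripts/plugins/firewall-port
@@ -9,10 +9,28 @@ set -e
 # protocol.
 #
 # Usage:
-# ./firewall-port {open|close} port protocol
+# ./firewall-port [-6] {open|close} port protocol
 #
 #################################################
 
+usage() {
+echo $"Usage: $0 [-6] {open|close|check} {port} {protocol}" 1>&2
+}
+
+BINARY=iptables
+while getopts ":6" option; do
+case $option in
+6)
+BINARY=ip6tables
+;;
+\?)
+usage
+exit 1
+;;
+esac
+shift
+done
+
 OP="$1"
 PORT="$2"
 PROTOCOL="${3:-tcp}"
@@ -29,37 +47,36 @@ esac
 
 case "${OP}" in
 open)
-if ! iptables -C $CHAIN $RULE 2>/dev/null
+if ! $BINARY -C $CHAIN $RULE 2>/dev/null
 then # first ensure chain exists
-if iptables -N "${CHAIN}" 2>/dev/null
+if $BINARY -N "${CHAIN}" 2>/dev/null
 then #chain did not exist but does now
-iptables -A "${CHAIN}" -j RETURN
-iptables -I INPUT -j "${CHAIN}"
-fi # asuume chain is used if it exists
-iptables -I "${CHAIN}" $RULE
-/usr/libexec/iptables/iptables.init save
+$BINARY -A "${CHAIN}" -j RETURN
+$BINARY -I INPUT -j "${CHAIN}"
+fi # assume chain is used if it exists
+$BINARY -I "${CHAIN}" $RULE
+/usr/libexec/iptables/"$BINARY".init save
 fi
 ;;
 close)
-if iptables -C $CHAIN $RULE 2>/dev/null
+if $BINARY -C $CHAIN $RULE 2>/dev/null
 then # close port if it was opened
-iptables -D $CHAIN $RULE
-/usr/libexec/iptables/iptables.init save
+$BINARY -D $CHAIN $RULE
+/usr/libexec/iptables/"$BINARY".init save
 fi
 ;;
 check)
-if [[ -z `iptables -S $CHAIN | grep " $PORT "` ]]
+if [[ -z `$BINARY -S $CHAIN | grep " $PORT "` ]]
 then
 echo "Port $PORT open: true"
 else
 echo "Port $PORT open: false"
 fi
 ;;
 *)
-echo $"Usage: $0 {open|close|check} {port} {protocol}" 1>&2
+usage
 exit 1
 ;;
 esac
 
 exit 0
-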
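Review bot: The `shift` inside the `getopts` loop (new lines 21–32) moves the positional parameters while `OPTIND` keeps advancing, so the second `getopts` call inspects what was originally the third argument (the port), and an unknown flag placed right after `-6` never reaches the `\?` branch; parsing only works for a single leading `-6` by coincidence. Remove the in-loop `shift` and put `shift $((OPTIND - 1))` after `done`. Because this script edits firewall rules and expands `$BINARY`, `$CHAIN` and `$RULE` unquoted, it is worth confirming that `PORT` and `PROTOCOL` are validated in the lines between the two hunks, which are not visible here (`CHAIN` and `RULE` are presumably defined there too). The header comment at new line 12 still omits `check`; `# ./firewall-port [-6] {open|close|check} port protocol` would match `usage()`. The save step now runs `/usr/libexec/iptables/"$BINARY".init save`, which presumably needs an `ip6tables.init` at that path; under `set -e` a missing file would abort the script after the rule has been inserted but before it is persisted.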
