
Source code changes of the file "share/arno-iptables-firewall/plugins/90rpc.plugin" between
aif-2.1.0.tar.gz and aif-2.1.1.tar.gz

About: Arno’s iptables firewall is a stateful firewall script for both single and multi-homed machines with DSL/ADSL support.

90rpc.plugin  (aif-2.1.0):90rpc.plugin  (aif-2.1.1)
# ------------------------------------------------------------------------------ # ------------------------------------------------------------------------------
# -= Arno's Iptables Firewall(AIF) - RPC plugin =- # -= Arno's Iptables Firewall(AIF) - RPC plugin =-
# #
PLUGIN_NAME="RPCplugin" PLUGIN_NAME="RPCplugin"
PLUGIN_VERSION="0.21-BETA" PLUGIN_VERSION="0.22a-BETA"
PLUGIN_CONF_FILE="rpc.conf" PLUGIN_CONF_FILE="rpc.conf"
# #
# Last changed : January 17, 2012 # Last changed : April 13, 2020
# Requirements : kernel 2.6 # Requirements : kernel 2.6
# Comments : This plugin opens RPC ports # Comments : This plugin opens RPC ports
# #
# Author : (C) Copyright 2011-2012 by Jared H. Hudson # Author : (C) Copyright 2011-2012 by Jared H. Hudson
# Email : jhhudso AT volumehost DOT com # Email : jhhudso AT volumehost DOT com
# ------------------------------------------------------------------------------ # ------------------------------------------------------------------------------
# This program is free software; you can redistribute it and/or # This program is free software; you can redistribute it and/or
# modify it under the terms of the GNU General Public License # modify it under the terms of the GNU General Public License
# version 2 as published by the Free Software Foundation. # version 2 as published by the Free Software Foundation.
# #
skipping to change at line 43 skipping to change at line 43
iptables -N RPC_CHAIN 2>/dev/null iptables -N RPC_CHAIN 2>/dev/null
iptables -F RPC_CHAIN iptables -F RPC_CHAIN
# Insert rule into the main chain: # Insert rule into the main chain:
iptables -A EXT_INPUT_CHAIN -j RPC_CHAIN iptables -A EXT_INPUT_CHAIN -j RPC_CHAIN
echo "${INDENT}Enabling RPC service(s) $RPC_SERVICES for net(s) $RPC_NETS" echo "${INDENT}Enabling RPC service(s) $RPC_SERVICES for net(s) $RPC_NETS"
IFS=' ,' IFS=' ,'
for service in $RPC_SERVICES; do for service in $RPC_SERVICES; do
ports="$(rpcinfo -p |awk "/tcp.*$service/"' { print $4 }' |uniq)" ports="$(rpcinfo -p |awk "/tcp.*$service/"' { print $4 }' |uniq |tr '\n' ' ' )"
echo "${INDENT}Adding TCP ports $ports for RPC service $service" echo "${INDENT}Adding TCP ports $ports for RPC service $service"
for net in $RPC_NETS; do for net in $RPC_NETS; do
for port in $ports; do for port in $ports; do
iptables -I RPC_CHAIN -p tcp -s $net --dport $port -j ACCEPT iptables -I RPC_CHAIN -p tcp -s $net --dport $port -j ACCEPT
done done
done done
ports="$(rpcinfo -p | awk "/udp.*$service/"' {print $4}' |uniq)" ports="$(rpcinfo -p |awk "/udp.*$service/"' { print $4 }' |uniq |tr '\n' ' ' )"
echo "${INDENT}Adding UDP ports $ports for RPC service $service" echo "${INDENT}Adding UDP ports $ports for RPC service $service"
for net in $RPC_NETS; do for net in $RPC_NETS; do
for port in $ports; do for port in $ports; do
iptables -I RPC_CHAIN -p udp -s $net --dport $port -j ACCEPT iptables -I RPC_CHAIN -p udp -s $net --dport $port -j ACCEPT
done done
done done
done done
return 0 return 0
} }
skipping to change at line 89 skipping to change at line 89
iptables -F RPC_CHAIN iptables -F RPC_CHAIN
iptables -X RPC_CHAIN 2>/dev/null iptables -X RPC_CHAIN 2>/dev/null
return 0 return 0
} }
# Plugin status function # Plugin status function
plugin_status() plugin_status()
{ {
iptables -L RPC_CHAIN iptables -L RPC_CHAIN |sed -e "s/^/$INDENT/"
return 0 return 0
} }
plugin_sanity_check() plugin_sanity_check()
{ {
if [ -z "$RPC_SERVICES" ] || [ -z "$RPC_NETS" ]; then if [ -z "$RPC_SERVICES" ] || [ -z "$RPC_NETS" ]; then
printf "\033[40m\033[1;31m${INDENT}ERROR: The plugin config file is not prop erly setup!\033[0m\n" >&2 printf "\033[40m\033[1;31m${INDENT}ERROR: The plugin config file is not prop erly setup!\033[0m\n" >&2
return 1 return 1
fi fi
if ! check_command rpcinfo; then
printf "\033[40m\033[1;31m${INDENT}ERROR: Required binary \"rpcinfo\" is not
available!\n\033[0m" >&2
return 1
fi
return 0 return 0
} }
############ ############
# Mainline # # Mainline #
############ ############
# Check where to find the config file # Check where to find the config file
CONF_FILE="" CONF_FILE=""
if [ -n "$PLUGIN_CONF_PATH" ]; then if [ -n "$PLUGIN_CONF_PATH" ]; then
CONF_FILE="$PLUGIN_CONF_PATH/$PLUGIN_CONF_FILE" CONF_FILE="$PLUGIN_CONF_PATH/$PLUGIN_CONF_FILE"
fi fi
# Preinit to success: # Preinit to success:
PLUGIN_RET_VAL=0 PLUGIN_RET_VAL=0
# Check if the config file exists # Check if the config file exists
if [ ! -e "$CONF_FILE" ]; then if [ ! -f "$CONF_FILE" ]; then
printf "NOTE: Config file \"$CONF_FILE\" not found!\n Plugin \"$PLUGIN_ NAME v$PLUGIN_VERSION\" ignored!\n" >&2 printf "NOTE: Config file \"$CONF_FILE\" not found!\n Plugin \"$PLUGIN_ NAME v$PLUGIN_VERSION\" ignored!\n" >&2
else else
# Source the plugin config file # Source the plugin config file
. "$CONF_FILE" . "$CONF_FILE"
if [ "$ENABLED" = "1" -a "$PLUGIN_CMD" != "stop-restart" ] || if [ "$ENABLED" = "1" -a "$PLUGIN_CMD" != "stop-restart" ] ||
[ "$ENABLED" = "0" -a "$PLUGIN_CMD" = "stop-restart" ] || [ "$ENABLED" = "0" -a "$PLUGIN_CMD" = "stop-restart" ] ||
[ -n "$PLUGIN_LOAD_FILE" -a "$PLUGIN_CMD" = "stop" ] || [ -n "$PLUGIN_LOAD_FILE" -a "$PLUGIN_CMD" = "stop" ] ||
[ -n "$PLUGIN_LOAD_FILE" -a "$PLUGIN_CMD" = "status" ]; then [ -n "$PLUGIN_LOAD_FILE" -a "$PLUGIN_CMD" = "status" ]; then
# Show who we are: # Show who we are:
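Review bot: The awk filter on the two changed `ports=` lines still splices `$service` into an unanchored regex (`/tcp.*$service/`, `/udp.*$service/`), so a configured name such as `nfs` also selects `nfs_acl`, and every extra port printed becomes an ACCEPT rule in RPC_CHAIN for each net in `$RPC_NETS`. Matching the fields exactly keeps the opened ports to the named service and stops regex metacharacters in rpc.conf from changing the awk program: `ports="$(rpcinfo -p | awk -v svc="$service" '$3 == "tcp" && $5 == svc { print $4 }' | sort -u | tr '\n' ' ')"`, with `"udp"` on the second line; this assumes the usual `rpcinfo -p` column order (program, vers, proto, port, service). `sort -u` replaces `uniq`, which only drops adjacent duplicates. The function containing these lines starts above the hunk, so whether `IFS=' ,'` is scoped or restored before `return 0` cannot be checked from here.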
 End of changes. 7 change blocks. 
6 lines changed or deleted 12 lines changed or added
