summaryrefslogtreecommitdiffstats
path: root/main/iptables/iptables.initd
diff options
context:
space:
mode:
authorKaarle Ritvanen <kaarle.ritvanen@datakunkku.fi>2012-02-23 13:10:52 +0000
committerKaarle Ritvanen <kaarle.ritvanen@datakunkku.fi>2012-02-23 13:10:52 +0000
commit2eda762379f060d2fadc7bcf89ad7626fac14921 (patch)
tree3b19e50a298f5ff48f4097cdd5a4bdcd3a7e4119 /main/iptables/iptables.initd
parent836801afd6326a30b061fbae7dd0469a9a46049f (diff)
downloadaports-2eda762379f060d2fadc7bcf89ad7626fac14921.tar.bz2
aports-2eda762379f060d2fadc7bcf89ad7626fac14921.tar.xz
main/iptables: optionally enable/disable forwarding in init script
Diffstat (limited to 'main/iptables/iptables.initd')
-rw-r--r--main/iptables/iptables.initd17
1 files changed, 15 insertions, 2 deletions
diff --git a/main/iptables/iptables.initd b/main/iptables/iptables.initd
index f7a601563..3de25229d 100644
--- a/main/iptables/iptables.initd
+++ b/main/iptables/iptables.initd
@@ -14,13 +14,16 @@ fi
iptables_bin="/sbin/${iptables_name}"
case ${iptables_name} in
iptables) iptables_proc="/proc/net/ip_tables_names"
- iptables_save=${IPTABLES_SAVE};;
+ iptables_save=${IPTABLES_SAVE}
+ sysctl_ipfwd=net.ipv4.ip_forward;;
ip6tables) iptables_proc="/proc/net/ip6_tables_names"
- iptables_save=${IP6TABLES_SAVE};;
+ iptables_save=${IP6TABLES_SAVE}
+ sysctl_ipfwd=net.ipv6.conf.all.forwarding;;
esac
depend() {
before net
+ after sysctl
use logger
provide firewall
}
@@ -61,9 +64,19 @@ start() {
ebegin "Loading ${iptables_name} state and starting firewall"
${iptables_bin}-restore ${SAVE_RESTORE_OPTIONS} < "${iptables_save}"
eend $?
+ if [ "${IPFORWARD}" = yes ]; then
+ ebegin "Enabling forwarding"
+ /sbin/sysctl -w ${sysctl_ipfwd}=1 > /dev/null
+ eend $?
+ fi
}
stop() {
+ if [ "${IPFORWARD}" = yes ]; then
+ ebegin "Disabling forwarding"
+ /sbin/sysctl -w ${sysctl_ipfwd}=0 > /dev/null
+ eend $?
+ fi
if [ "${SAVE_ON_STOP}" = "yes" ] ; then
save || return 1
fi