Diffstat (limited to 'tests/shorewall')
-rw-r--r-- | tests/shorewall | 24 |
1 files changed, 24 insertions, 0 deletions
diff --git a/tests/shorewall b/tests/shorewall
new file mode 100644
index 0000000..b55693f
--- /dev/null
+++ b/tests/shorewall
@@ -0,0 +1,24 @@
+ IFACE=eth0
+ d="/etc/shorewall"
+ IP=`ip addr show $IFACE | awk -F 'inet' '{print $2}' | tail -n1 | awk '{print $1}`
+ BCAST=`ipcalc -b $IP | cut -d= -f2`
+
+ # verify that we actually have an eth0 device
+ ip addr show ${IFACE}
+ apk_add $@
+ # save current iptables
+ /etc/init.d/iptables save
+ echo "STARTUP_ENABLED=Yes" >> "${d}/shorewall.conf"
+ echo "loc ipv4" >> "${d}/zones"
+ echo "loc ${IFACE}" >> "${d}/interfaces"
+ # so we dont lose our ssh connection
+ echo "all all ACCEPT" >> "${d}/policy"
+ echo "Ping/REJECT fw all" >> "${d}/rules"
+ /etc/init.d/$@ start
+ # detect the broadcast adress and try to ping it
+ echo "BROADCAST addr is $BCAST"
+ # we should not be allowed to ping
+ ping -c 1 $BCAST 2>&1 | grep "not permitted"
+ /etc/init.d/$@ stop
+ /etc/init.d/iptables restore
+ apk_del $@ |
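Review bot: The `IP=` assignment ends its last awk program with `'{print $1}` and no closing single quote, so as shown the script has an unterminated quote and should not parse; it should read `awk '{print $1}'`. The result of `ping -c 1 $BCAST 2>&1 | grep "not permitted"` is also never captured, so unless the harness runs this file with errexit (not visible here) the test outcome is whatever `apk_del $@` returns. Saving the verdict, e.g. `ping -c 1 "$BCAST" 2>&1 | grep -q "not permitted" || rc=1`, and returning `$rc` after the cleanup would make the firewall check count. The lines appended to `${d}/policy` (including `all all ACCEPT`) and to the other shorewall files are not reverted by `/etc/init.d/iptables restore`, which presumably restores only the saved rule set, so a cleanup step for those files, or a comment saying why none is needed, is worth adding.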