diff options
| author | cassio <cassiopc@gmail.com> | 2013-07-02 05:46:45 +0000 |
|---|---|---|
| committer | cassio <cassiopc@gmail.com> | 2013-07-02 05:46:45 +0000 |
| commit | be2491b093b1f0ca430bede679ecbb670041e483 (patch) | |
| tree | fe2da63d1811cb93e4352a43a113ace37b9f6017 /tools/etc/network | |
| parent | a9aa438ea0558eb0044cf1e54a9190ddb41b65e5 (diff) | |
| download | boca-be2491b093b1f0ca430bede679ecbb670041e483.tar.gz boca-be2491b093b1f0ca430bede679ecbb670041e483.zip | |
restructuring of boca's git
Diffstat (limited to 'tools/etc/network')
| -rw-r--r-- | tools/etc/network/if-pre-up.d/boca | 25 | ||||
| -rw-r--r-- | tools/etc/network/if-up.d/boca | 17 |
2 files changed, 42 insertions, 0 deletions
diff --git a/tools/etc/network/if-pre-up.d/boca b/tools/etc/network/if-pre-up.d/boca new file mode 100644 index 0000000..f65a27f --- /dev/null +++ b/tools/etc/network/if-pre-up.d/boca @@ -0,0 +1,25 @@ +#!/bin/bash +if [ ! -f /etc/icpc/.isserver ]; then +if [ -x /etc/icpc/bocaserver.sh ]; then + . /etc/icpc/bocaserver.sh +fi +/sbin/iptables -F INPUT +/sbin/iptables -A INPUT -i lo -j ACCEPT +/sbin/iptables -A INPUT -s 143.107.255.15 -j ACCEPT + +# just to make things easier, let's allow communication to/from BOCA servers +/sbin/iptables -A INPUT -s 143.107.45.122 -j ACCEPT +/sbin/iptables -A INPUT -s 50.116.19.221 -j ACCEPT + +if [ "$BOCASERVER" != "" ]; then + /sbin/iptables -A INPUT -s $BOCASERVER -j ACCEPT +fi +/sbin/iptables -A INPUT -m udp -p udp -s 0/0 --sport 67:68 --dport 67:68 -j ACCEPT +/sbin/iptables -A INPUT -m udp -p udp -s 0/0 --sport 53 --dport 53 -j ACCEPT +/sbin/iptables -A INPUT -m tcp -p tcp -s 0/0 --sport 53 --dport 53 -j ACCEPT +/sbin/iptables -A INPUT -j REJECT +else + if [ -x /etc/icpc/bocaserver.iptables ]; then + . /etc/icpc/bocaserver.iptables + fi +fi diff --git a/tools/etc/network/if-up.d/boca b/tools/etc/network/if-up.d/boca new file mode 100644 index 0000000..0f31ee0 --- /dev/null +++ b/tools/etc/network/if-up.d/boca @@ -0,0 +1,17 @@ +#!/bin/bash +if [ ! -f /etc/icpc/.isserver ]; then +if [ -x /etc/icpc/bocaserver.sh ]; then + . /etc/icpc/bocaserver.sh +fi +/sbin/iptables -F INPUT +/sbin/iptables -A INPUT -i lo -j ACCEPT +/sbin/iptables -A INPUT -s 143.107.255.15 -j ACCEPT +if [ "$BOCASERVER" != "" ]; then + /sbin/iptables -A INPUT -s $BOCASERVER -j ACCEPT +fi +/sbin/iptables -A INPUT -j REJECT +else + if [ -x /etc/icpc/bocaserver.iptables ]; then + . /etc/icpc/bocaserver.iptables + fi +fi |