blob: 3e5eb5b0617db4ff660419845783cf81723fa453 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
|
#!/bin/bash
if [ ! -f /etc/icpc/.isserver ]; then
if [ -x /etc/icpc/bocaserver.sh ]; then
. /etc/icpc/bocaserver.sh
fi
/sbin/iptables -F INPUT
/sbin/iptables -A INPUT -i lo -j ACCEPT
/sbin/iptables -A INPUT -s 143.107.255.15 -j ACCEPT
# just to make things easier, let's allow communication to/from BOCA servers
/sbin/iptables -A INPUT -s 45.33.30.235 -j ACCEPT
/sbin/iptables -A INPUT -s 50.116.19.221 -j ACCEPT
if [ "$BOCASERVER" != "" ]; then
/sbin/iptables -A INPUT -s $BOCASERVER -j ACCEPT
fi
if [ "$BOCASERVERS" != "" ]; then
for i in `echo $BOCASERVERS | cut -d';'`; do
/sbin/iptables -A INPUT -s $i -j ACCEPT
done
fi
/sbin/iptables -A INPUT -m udp -p udp -s 0/0 --sport 67:68 --dport 67:68 -j ACCEPT
/sbin/iptables -A INPUT -m udp -p udp -s 0/0 --sport 53 --dport 53 -j ACCEPT
/sbin/iptables -A INPUT -m tcp -p tcp -s 0/0 --sport 53 --dport 53 -j ACCEPT
/sbin/iptables -A INPUT -j REJECT
else
if [ -x /etc/icpc/bocaserver.iptables ]; then
. /etc/icpc/bocaserver.iptables
fi
fi
|
