v-stop-firewall 2.1 KB

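  #!/bin/bash
  # info: stop system firewall
  # options: NONE
  #
  # The function stops iptables: it sets the INPUT policy to ACCEPT, flushes
  # the INPUT chain, deletes the vesta chain and every fail2ban-<CHAIN> chain
  # listed in chains.conf, then saves the resulting ruleset to the
  # distribution's rules file. Only the IPv4 iptables binary is invoked;
  # nothing here touches ip6tables or chains other than the ones named above.


  #----------------------------------------------------------#
  #                    Variable&Function                     #
  #----------------------------------------------------------#

  # Defining absolute path for iptables and modprobe.
  # Absolute paths keep the script independent of the caller's PATH.
  iptables="/sbin/iptables"
  # Not referenced below; kept in case the sourced Vesta files read it.
  modprobe="/sbin/modprobe"

  # Includes
  source /etc/profile.d/vesta.sh
  # Abort if the profile did not define VESTA; otherwise the next two lines
  # would source /func/main.sh and /conf/vesta.conf from the filesystem root.
  : "${VESTA:?VESTA is not set}"
  source "$VESTA/func/main.sh"
  source "$VESTA/conf/vesta.conf"


  #----------------------------------------------------------#
  #                    Verifications                         #
  #----------------------------------------------------------#

  # NOTE(review): the check below is commented out, so the script runs
  # whatever FIREWALL_SYSTEM is set to. Confirm that this is intended.
  #is_system_enabled "$FIREWALL_SYSTEM" 'FIREWALL_SYSTEM'


  #----------------------------------------------------------#
  #                       Action                             #
  #----------------------------------------------------------#

  # The rules are applied directly instead of being written to a temporary
  # script and run with bash: no temp file to create or clean up, and chain
  # names are passed as single arguments rather than re-parsed by a shell.
  # stderr is discarded because a chain may legitimately not exist.

  # Flushing INPUT chain
  "$iptables" -P INPUT ACCEPT 2>/dev/null
  "$iptables" -F INPUT 2>/dev/null

  # Deleting vesta chain
  "$iptables" -X vesta 2>/dev/null

  # Deleting custom chains
  chains_conf="$VESTA/data/firewall/chains.conf"
  if [ -r "$chains_conf" ]; then
      while IFS= read -r chain || [ -n "$chain" ]; do
          [ -n "$chain" ] || continue
          # Reset so a line that does not set CHAIN cannot reuse the
          # value left over from the previous line.
          CHAIN=''
          # NOTE(security): eval runs each line of chains.conf as shell code
          # with the privileges of this script. The file must be writable
          # only by the account that runs this script; replacing eval with
          # explicit key/value parsing would remove that exposure.
          eval "$chain"
          [ -n "$CHAIN" ] || continue
          "$iptables" -F "fail2ban-$CHAIN" 2>/dev/null
          "$iptables" -X "fail2ban-$CHAIN" 2>/dev/null
      done < "$chains_conf"
  fi

  # Saving rules to the master iptables file
  if [ -e "/etc/redhat-release" ]; then
      /sbin/iptables-save > /etc/sysconfig/iptables
      # NOTE(review): chkconfig off runs only when no S*iptables start link
      # exists in rc3.d, i.e. when the service already looks disabled.
      # Confirm the test is not inverted (-n instead of -z).
      if [ -z "$(ls /etc/rc3.d/S*iptables 2>/dev/null)" ]; then
          /sbin/chkconfig iptables off
      fi
  else
      /sbin/iptables-save > /etc/iptables.rules
      preup="/etc/network/if-pre-up.d/iptables"
      # Create the restore hook only if it is missing; an existing hook is
      # left untouched.
      if [ ! -e "$preup" ]; then
          {
              echo '#!/bin/sh'
              echo "/sbin/iptables-restore < /etc/iptables.rules"
              echo "exit 0"
          } > "$preup"
          chmod +x "$preup"
      fi
  fi


  #----------------------------------------------------------#
  #                       Vesta                              #
  #----------------------------------------------------------#

  exit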