#!/bin/bash
#
# init script for the Ethernet Bridge filter tables
#
# Original written by Dag Wieers <dag@wieers.com>.
# Modified by Tom "spot" Callaway <tcallawa@redhat.com>
#
# chkconfig: - 15 85
# description: Ethernet Bridge filtering tables
#
# config: /etc/sysconfig/ebtables.filter
# config: /etc/sysconfig/ebtables.nat
# config: /etc/sysconfig/ebtables.broute
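# Both files are executed as shell code inside this script, so whoever can
# write to them controls what runs when the service is started; they should
# be writable by root only.
source /etc/init.d/functions
source /etc/sysconfig/network

# Check that networking is up.
# Quoted so that an unset or empty NETWORKING is compared as an empty string
# instead of turning the test into a malformed expression.
[ "${NETWORKING}" = "no" ] && exit 0

# Nothing below can work without the ebtables binary.
[ -x /sbin/ebtables ] || exit 1

# RETVAL is the status the script finally exits with; the per-table values
# are filled in by start().
RETVAL=0
RETVAL_FILTER=0
RETVAL_NAT=0
RETVAL_BROUTE=0
prog="ebtables"
desc="Ethernet bridge filtering"

# Created by start() when every table loaded, removed by a clean stop(),
# and tested by condrestart.
lockfile=/var/lock/subsys/$prog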
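initialize() {
  # Load the saved rule set for one table into the kernel.
  # Globals:  TYPE (read)            - table name, set by start()
  #           RETVAL (read, written) - set to 1 when the commit fails; an
  #                                    inherited non-zero value is reported
  #                                    as a failure as well
  # Outputs:  progress text and the success/failure marker on stdout
  # Returns:  $RETVAL
  local rules_file="/etc/sysconfig/ebtables.$TYPE"

  # Initialize $TYPE tables
  echo -n $" $TYPE tables: "
  if [ -r "$rules_file" ]; then
    # --atomic-commit replaces the kernel table with the contents of the
    # file, so the file decides what the bridge filters: keep it owned by
    # root and not writable by anyone else.
    /sbin/ebtables -t "$TYPE" --atomic-file "$rules_file" --atomic-commit > /dev/null || RETVAL=1
  else
    # NOTE(review): a missing or unreadable rule file is not an error here.
    # The table is left untouched and the step is still marked successful,
    # so a deleted rule file does not show up as a start failure.
    echo -n "not configured"
  fi

  if [ "$RETVAL" -eq 0 ]; then
    success "$TYPE startup"
  else
    failure "$TYPE startup"
  fi
  return "$RETVAL"
}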
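start() {
  # Load the filter, nat and broute tables in that order.
  # Globals:  desc, prog, lockfile (read); TYPE, RETVAL, RETVAL_FILTER,
  #           RETVAL_NAT, RETVAL_BROUTE (written)
  # Outputs:  progress text on stdout
  # Returns:  the sum of the three per-table statuses (0 when all loaded)
  echo "Starting $desc ($prog): "

  # Begin from a clean status. restart() calls stop() first, and a failure
  # recorded there (for instance a module that could not be unloaded) would
  # otherwise be read by initialize() as a failure of the filter table.
  RETVAL=0

  # Initialize filter tables
  TYPE=filter
  initialize
  RETVAL_FILTER=$RETVAL
  RETVAL=0

  # Initialize NAT tables
  echo
  TYPE=nat
  initialize
  RETVAL_NAT=$RETVAL
  RETVAL=0

  # Initialize broute tables
  echo
  TYPE=broute
  initialize
  RETVAL_BROUTE=$RETVAL
  RETVAL=0

  RETVAL=$((RETVAL_BROUTE + RETVAL_NAT + RETVAL_FILTER))

  # The lock file marks a fully loaded service. After a partial failure the
  # tables that did load stay loaded (nothing is rolled back) but no lock
  # file exists, so condrestart will skip this service.
  if [ "$RETVAL" -eq 0 ]; then
    touch "$lockfile"
  fi

  echo
  return "$RETVAL"
}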
stop() {
  # Reset all three tables and unload the ebtables kernel modules.
  # Globals:  desc, prog, lockfile (read); RETVAL (written on any failure)
  # Outputs:  progress text and the success/failure marker on stdout
  # Returns:  $RETVAL
  #
  # After a stop no saved rules are in effect: --init-table puts each table
  # back to its initial state and the modules are removed.
  local table module

  echo -n $"Stopping $desc ($prog): "

  for table in filter nat broute; do
    /sbin/ebtables -t "$table" --init-table || RETVAL=1
  done

  # Every loaded ebt_* / ebtable_* module first, the ebtables core last.
  for module in $(grep -E '^(ebt|ebtable)_' /proc/modules | cut -f1 -d' ') ebtables; do
    /sbin/rmmod "$module" || RETVAL=1
  done

  # The lock file is kept when anything failed, so the service still
  # counts as started for condrestart.
  if [ $RETVAL -ne 0 ]; then
    failure "$prog shutdown"
  else
    success "$prog shutdown"
    rm -f "$lockfile"
  fi

  echo
  return $RETVAL
}
restart() {
  # Full cycle: tear the tables down, then load the saved rule sets again.
  # The status of stop is not checked here; the function returns whatever
  # start returns.
  # Between the two steps the tables are in the state stop leaves them in,
  # so a restart is not a seamless reload of the rules.
  stop
  start
}
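save() {
  # Write the current kernel tables to the per-table files that start loads.
  # Globals:  desc, prog (read); RETVAL (written on any failure)
  # Outputs:  progress text and the success/failure marker on stdout
  # Returns:  $RETVAL, matching start and stop
  #
  # The files written here are committed to the kernel at the next start,
  # so they should stay owned by root and not be writable by other users.
  local table

  echo -n $"Saving $desc ($prog): "

  for table in filter nat broute; do
    /sbin/ebtables -t "$table" --atomic-file "/etc/sysconfig/ebtables.$table" --atomic-save || RETVAL=1
  done

  if [ "$RETVAL" -eq 0 ]; then
    success "$prog saved"
  else
    failure "$prog saved"
  fi
  echo

  # Previously the function fell off the end and returned the status of
  # the final echo, hiding a failed save from any caller that checks $?.
  return "$RETVAL"
}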
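# Dispatch on the requested action. Each handler leaves its result in the
# global RETVAL, which becomes the exit status of the script.
case "$1" in
  start)
    start
    ;;
  stop)
    stop
    ;;
  restart|reload)
    # reload is accepted as an alias for restart (the usage text below does
    # not list it).
    restart
    ;;
  condrestart)
    # Restart only when the lock file shows the service was started.
    # A service that is not running is not an error: the old
    # "[ -e $lockfile ] && restart; RETVAL=$?" form turned the failed file
    # test itself into exit status 1.
    if [ -e "$lockfile" ]; then
      restart
      RETVAL=$?
    fi
    ;;
  save)
    save
    ;;
  status)
    # NOTE(review): status comes from the sourced init helpers; confirm it
    # reports something meaningful for a service with no daemon process.
    status $prog
    RETVAL=$?
    ;;
  *)
    echo $"Usage $0 {start|stop|restart|condrestart|save|status}"
    RETVAL=1
esac

exit $RETVAL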