#!/bin/bash
#
# init script for the Ethernet Bridge filter tables
#
# Original written by Dag Wieers <dag@wieers.com>.
# Modified by Tom "spot" Callaway <tcallawa@redhat.com>
#
# chkconfig: - 15 85
# description: Ethernet Bridge filtering tables
#
# config: /etc/sysconfig/ebtables.filter
# config: /etc/sysconfig/ebtables.nat
# config: /etc/sysconfig/ebtables.broute

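# Load the init helpers and the network settings. success, failure and status
# are called below but not defined in this file, so they presumably come from
# /etc/init.d/functions.
# NOTE: both files are executed as shell code with this script's privileges
# (normally root for an init script), so they must be writable by root only.
source /etc/init.d/functions
source /etc/sysconfig/network

# Check that networking is up.
# Quoted so that an unset or empty NETWORKING compares as "" instead of
# making `[` fail with a syntax error and fall through.
[ "${NETWORKING}" = "no" ] && exit 0

# Nothing can be done without the ebtables binary.
[ -x /sbin/ebtables ] || exit 1

# RETVAL is the status every function reports through and the script's exit
# code; the RETVAL_* values hold the per-table results recorded by start().
RETVAL=0
RETVAL_FILTER=0
RETVAL_NAT=0
RETVAL_BROUTE=0
prog="ebtables"
desc="Ethernet bridge filtering"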
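initialize() {
  # Load the saved rules for the table named in $TYPE and report the result.
  #
  # Globals:
  #   TYPE   (read)    - table name; start() uses filter, nat and broute
  #   RETVAL (written) - set to 1 when ebtables fails; never reset here, so
  #                      the caller has to clear it before the call
  # Returns: the value of RETVAL.
  #
  # Expansions are quoted so that TYPE can never split into extra ebtables
  # arguments or be glob-expanded.
  local table_file="/etc/sysconfig/ebtables.${TYPE}"

  # Initialize $TYPE tables
  echo -n $" $TYPE tables: "
  if [ -r "$table_file" ]; then
    # The saved table is committed to the kernel as-is, so this file should
    # be writable by root only. Only stdout is discarded; errors stay visible.
    /sbin/ebtables -t "$TYPE" --atomic-file "$table_file" --atomic-commit > /dev/null || RETVAL=1
  else
    # No readable saved table: nothing is loaded and RETVAL is left untouched,
    # so this step is still reported as a success below.
    echo -n "not configured"
  fi

  if [ "$RETVAL" -eq 0 ]; then
    success "$TYPE startup"
  else
    failure "$TYPE startup"
  fi
  return "$RETVAL"
}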
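start() {
  # Load the filter, nat and broute tables and combine their results.
  #
  # Globals:
  #   TYPE (written)   - table handed to initialize()
  #   RETVAL (written) - combined result
  #   RETVAL_FILTER, RETVAL_NAT, RETVAL_BROUTE (written) - per-table results
  # Returns: the sum of the per-table results, i.e. 0 only when every table
  #          loaded (or was not configured).
  echo "Starting $desc ($prog): "

  # restart() runs stop() first; clear its status so that a failed shutdown
  # step is not reported as a failed filter-table load.
  RETVAL=0

  # Initialize filter tables
  TYPE=filter
  initialize
  RETVAL_FILTER=$RETVAL
  RETVAL=0

  # Initialize NAT tables
  echo
  TYPE=nat
  initialize
  RETVAL_NAT=$RETVAL
  RETVAL=0

  # Initialize broute tables
  echo
  TYPE=broute
  initialize
  RETVAL_BROUTE=$RETVAL
  RETVAL=0

  RETVAL=$(( RETVAL_BROUTE + RETVAL_NAT + RETVAL_FILTER ))

  if [ "$RETVAL" -eq 0 ]; then
    # Mark the service as running. condrestart only acts when this file
    # exists and stop() removes it, so it has to be created here; removing
    # it at this point would leave condrestart permanently inert.
    touch "/var/lock/subsys/$prog"
  fi

  echo
  return "$RETVAL"
}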
stop() {
  # Reset all three tables, unload the ebtables kernel modules and, when
  # everything worked, drop the subsys lock.
  #
  # Globals: RETVAL (written) - set to 1 if any step fails; not reset first.
  # Returns: the value of RETVAL.
  #
  # NOTE(review): --init-table puts each table back to its initial contents,
  # so the saved rules are no longer enforced once this has run. Confirm that
  # leaving the bridge unfiltered while the service is stopped is acceptable.
  local table module

  echo -n $"Stopping $desc ($prog): "
  for table in filter nat broute; do
    /sbin/ebtables -t "$table" --init-table || RETVAL=1
  done

  # Every loaded ebt_*/ebtable_* module first, the core ebtables module last.
  for module in $(grep -E '^(ebt|ebtable)_' /proc/modules | cut -f1 -d' ') ebtables; do
    /sbin/rmmod "$module" || RETVAL=1
  done

  if [ "$RETVAL" -ne 0 ]; then
    failure "$prog shutdown"
  else
    success "$prog shutdown"
    rm -f "/var/lock/subsys/$prog"
  fi

  echo
  return "$RETVAL"
}
restart() {
  # Full stop followed by a full start. The result of stop is not checked;
  # the function returns whatever start returns.
  #
  # NOTE: stop resets the tables before start commits the saved ones, so
  # there is a short window in which no saved rules are loaded.
  stop
  start
  return $?
}
save() {
  # Write the current filter, nat and broute tables to their files under
  # /etc/sysconfig.
  #
  # Globals: RETVAL (written) - set to 1 if any save fails; not reset first.
  # The function has no explicit return; the script exits with RETVAL.
  #
  # NOTE(review): start() later commits these files to the kernel, so they
  # should stay root-owned and not group/world-writable. Verify the mode
  # ebtables creates them with.
  local table

  echo -n $"Saving $desc ($prog): "
  for table in filter nat broute; do
    /sbin/ebtables -t "$table" --atomic-file "/etc/sysconfig/ebtables.$table" --atomic-save || RETVAL=1
  done

  if [ "$RETVAL" -ne 0 ]; then
    failure "$prog saved"
  else
    success "$prog saved"
  fi
  echo
}
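# Dispatch on the requested action. start, stop, restart and save leave their
# result in the global RETVAL; condrestart and status set it here.
case "$1" in
  start)
    start
    ;;
  stop)
    stop
    ;;
  restart|reload)
    # There is no separate reload path: both do a full stop/start.
    restart
    ;;
  condrestart)
    # Restart only when the subsys lock says the service is running. When it
    # is not running there is nothing to do, which counts as success instead
    # of exiting with the failed file test's status.
    if [ -e "/var/lock/subsys/$prog" ]; then
      restart
      RETVAL=$?
    fi
    ;;
  save)
    save
    ;;
  status)
    # status is not defined in this file; presumably the helper from
    # /etc/init.d/functions.
    status "$prog"
    RETVAL=$?
    ;;
  *)
    echo $"Usage $0 {start|stop|restart|condrestart|save|status}"
    RETVAL=1
    ;;
esac

exit "$RETVAL"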