
Package idea, Debian-Firewall.



Hey Debian-devels!

I have had a package idea for a long time now. The idea was a
package containing a "Flush-all" firewall script, adding this script to
be run at bootup. Just for the simplicity. I tend to keep forgetting to
add it myself.

So tonight I took the time to create such a package.

What the package does is create a firewall script in
/etc/init.d/debian-firewall
looking like:

#!/bin/bash

FW_VER=0.1

echo -e "\nLoading Debian Firewall[ $FW_VER ] ...\n"

IPTABLES=/sbin/iptables
DEPMOD=/sbin/depmod
INSMOD=/sbin/insmod

# Flush old rules; default policy is ACCEPT for INPUT and OUTPUT, DROP for FORWARD
$IPTABLES -P INPUT ACCEPT
$IPTABLES -F INPUT
$IPTABLES -P OUTPUT ACCEPT
$IPTABLES -F OUTPUT
$IPTABLES -P FORWARD DROP
$IPTABLES -F FORWARD

# Accept incoming ssh (tcp/22) on eth0
$IPTABLES -A INPUT -i eth0 -p tcp --dport 22 -j ACCEPT

(Right now it contains an ACCEPT ssh rule, just to show that it's run. Yes, it does flush your old firewall, sorry about that.)

The postinst file looks like:

#!/bin/sh
set -e
if [ "$1" = "configure" ]; then
        # -f replaces a link left by an earlier configure run; a plain
        # "ln -s" would fail on the existing link and abort under set -e
        ln -sf /etc/init.d/debian-firewall /etc/rc0.d/S20debian-firewall
        ln -sf /etc/init.d/debian-firewall /etc/rc1.d/S20debian-firewall
        ln -sf /etc/init.d/debian-firewall /etc/rc2.d/S20debian-firewall
        ln -sf /etc/init.d/debian-firewall /etc/rc3.d/S20debian-firewall
        ln -sf /etc/init.d/debian-firewall /etc/rc4.d/S20debian-firewall
        ln -sf /etc/init.d/debian-firewall /etc/rc5.d/S20debian-firewall
        ln -sf /etc/init.d/debian-firewall /etc/rc6.d/S20debian-firewall
fi


And the prerm file looks like:

#!/bin/sh
set -e
if [ "$1" = "remove" ]; then
        # -f keeps a missing link from aborting the removal under set -e
        rm -f /etc/rc0.d/S20debian-firewall
        rm -f /etc/rc1.d/S20debian-firewall
        rm -f /etc/rc2.d/S20debian-firewall
        rm -f /etc/rc3.d/S20debian-firewall
        rm -f /etc/rc4.d/S20debian-firewall
        rm -f /etc/rc5.d/S20debian-firewall
        rm -f /etc/rc6.d/S20debian-firewall

        # Keep a copy of the script before the package removes it
        echo "Leaving firewall script in /etc/init.d/debian-firewall.backup."
        cp /etc/init.d/debian-firewall /etc/init.d/debian-firewall.backup
fi
(It saves a backup of it before removing it.)


Looks good? The only problem, though, is that I'm not a Debian developer. I have had thoughts about it, but never got around
to dragging myself to a keysigning party, basically because they are somewhat far away from me.

Anyway, if you feel like you want to try it: http://smurfnet.homelinux.net/files/debian-firewall_0.1-1_all.deb

BTW, I'm not a subscriber to debian-devel AT lists dot debian dot org, so if you have anything to add/ask, mail me at this mail address:
smurfd AT smurfnet dot homelinux dot org

Best regards
/Nicklas
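
An added example, not part of the original post or the package: a shell audit of an `iptables-save` dump that reports which built-in filter chains accept every packet, run here on a constructed dump of the rules the posted script loads. The function names (`sample_ruleset`, `audit_ruleset`, `open_chains`) are hypothetical, and jumps into user-defined chains are not followed.

```shell
#!/bin/sh
# Added example: find filter chains that accept everything.

# Constructed sample: the filter table as the posted script would leave it,
# in iptables-save format with packet counters zeroed.
sample_ruleset() {
cat <<'EOF'
*filter
:INPUT ACCEPT [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -i eth0 -p tcp -m tcp --dport 22 -j ACCEPT
COMMIT
EOF
}

# audit_ruleset: read iptables-save text on stdin and print one line per
# built-in filter chain: "<chain> <policy> <rules> <blocking-rules> <verdict>".
# A chain is OPEN when its policy is ACCEPT and no rule ends in DROP or REJECT.
audit_ruleset() {
awk '
  /^\*/             { table = substr($1, 2); next }
  table != "filter" { next }
  /^:/ { c = substr($1, 2)            # user-defined chains have policy "-"
         if ($2 != "-") { policy[c] = $2; order[++n] = c }
         next }
  $1 == "-A" { rules[$2]++
               for (i = 3; i < NF; i++)
                 if ($i == "-j" && $(i+1) ~ /^(DROP|REJECT)$/) block[$2]++
               next }
  END {
    for (k = 1; k <= n; k++) {
      c = order[k]
      verdict = (policy[c] == "ACCEPT" && block[c] + 0 == 0) ? "OPEN" : "FILTERED"
      printf "%s %s %d %d %s\n", c, policy[c], rules[c] + 0, block[c] + 0, verdict
    }
  }'
}

# open_chains: comma-separated names of the chains reported as OPEN.
open_chains() {
  audit_ruleset | awk '$5 == "OPEN" { printf "%s%s", sep, $1; sep = "," } END { print "" }'
}

sample_ruleset | audit_ruleset
```

On a live system the same functions can read the running ruleset with `iptables-save | audit_ruleset`, which needs root.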


