Re: Default Policy = DROP. Help-me

[Yuri Rodrigues <yurirbraz@gmail.com>]

Paolo,

Fiz desa forma porque realmente não sei como fazer este tipo de controle. Eu interessei pelo que você disse a mim.
Pode me explicar melhor a funcionalidadae do "&&\" no final das linhas?

Grato,

Yuri Rodrigues

Paolo escreveu:

On Wed, Oct 24, 2007 at 03:57:08PM -0200, Yuri Rodrigues wrote:
  

# Firewall System
# Author - Yuri Rodrigues
# Mail - yurirbraz@gmail.com
    

...
  

$iptables -t mangle -P OUTPUT ACCEPT
$iptables -t mangle -P INPUT ACCEPT
$iptables -t mangle -P POSTROUTING ACCEPT
echo "Policing .......................................... [ OK ]"
    

...
  

modprobe iptable_mangle
modprobe iptable_nat
echo "0" > /proc/sys/net/ipv4/ip_forward
echo "Loading Modules ................................... [ OK ]"
    

that's the wrong way of saying 'OK'; you want to say 'OK' if all went really
ok, else say 'NOK!' and perhaps bailout, ie something like:

...
$iptables -t mangle -P OUTPUT ACCEPT &&\
$iptables -t mangle -P INPUT ACCEPT &&\
$iptables -t mangle -P POSTROUTING ACCEPT &&\
echo "Policing .......................................... [ OK ]" || {
  echo "Something broke in 'Policing'!"
  exit 1
}
...
modprobe iptable_mangle  &&\
modprobe iptable_nat &&\
echo "0" > /proc/sys/net/ipv4/ip_forward &&\
echo "Loading Modules ................................... [ OK ]" || {
  echo "Something broke in 'Modules Loading'!"
  exit 2
}
...

or set 'set -e' but then your script would just exit on 1st error without
telling too much.

--
paolo