Current File : //usr/libexec/iptables/iptables.init
#!/bin/bash
#
# iptables	Start iptables firewall
#
# chkconfig: 2345 08 92
# description:	Starts, stops and saves iptables firewall
#
# config: /etc/sysconfig/iptables
# config: /etc/sysconfig/iptables-config
#
### BEGIN INIT INFO
# Provides: iptables
# Required-Start:
# Required-Stop:
# Default-Start: 2 3 4 5
# Default-Stop: 0 1 6
# Short-Description: start and stop iptables firewall
# Description: Start, stop and save iptables firewall
### END INIT INFO

# Source function library.
. /etc/init.d/functions

IPTABLES=iptables
IPTABLES_DATA=/etc/sysconfig/$IPTABLES
IPTABLES_FALLBACK_DATA=${IPTABLES_DATA}.fallback
IPTABLES_CONFIG=/etc/sysconfig/${IPTABLES}-config
IPV=${IPTABLES%tables} # ip for ipv4 | ip6 for ipv6
[ "$IPV" = "ip" ] && _IPV="ipv4" || _IPV="ipv6"
PROC_IPTABLES_NAMES=/proc/net/${IPV}_tables_names
VAR_SUBSYS_IPTABLES=/var/lock/subsys/$IPTABLES
RESTORECON=$(which restorecon 2>/dev/null)
[ ! -x "$RESTORECON" ] && RESTORECON=/bin/true

# only usable for root
if [ $EUID != 0 ]; then
    echo -n $"${IPTABLES}: Only usable by root."; warning; echo
    exit 4
fi

if [ ! -x /sbin/$IPTABLES ]; then
    echo -n $"${IPTABLES}: /sbin/$IPTABLES does not exist."; warning; echo
    exit 5
fi

# Default firewall configuration:
IPTABLES_MODULES=""
IPTABLES_SAVE_ON_STOP="no"
IPTABLES_SAVE_ON_RESTART="no"
IPTABLES_SAVE_COUNTER="no"
IPTABLES_STATUS_NUMERIC="yes"
IPTABLES_STATUS_VERBOSE="no"
IPTABLES_STATUS_LINENUMBERS="yes"
IPTABLES_SYSCTL_LOAD_LIST=""
IPTABLES_RESTORE_WAIT=600
IPTABLES_RESTORE_WAIT_INTERVAL=1000000

# Load firewall configuration.
[ -f "$IPTABLES_CONFIG" ] && . "$IPTABLES_CONFIG"

# Get active tables
NF_TABLES=$(cat "$PROC_IPTABLES_NAMES" 2>/dev/null)

# Prepare commands for wait options
IPTABLES_CMD="$IPTABLES"
IPTABLES_RESTORE_CMD="$IPTABLES-restore"
if [ $IPTABLES_RESTORE_WAIT -ne 0 ]; then
	OPT="--wait ${IPTABLES_RESTORE_WAIT}"
	if [ $IPTABLES_RESTORE_WAIT_INTERVAL -lt 1000000 ]; then
	    OPT+=" --wait-interval ${IPTABLES_RESTORE_WAIT_INTERVAL}"
	fi
	IPTABLES_CMD+=" $OPT"
	IPTABLES_RESTORE_CMD+=" $OPT"
fi

flush_n_delete() {
    local ret=0

    # Flush firewall rules and delete chains.
    [ ! -e "$PROC_IPTABLES_NAMES" ] && return 0

    # Check if firewall is configured (has tables)
    [ -z "$NF_TABLES" ] && return 1

    echo -n $"${IPTABLES}: Flushing firewall rules: "
    # For all tables
    for i in $NF_TABLES; do
        # Flush firewall rules.
	$IPTABLES_CMD -t $i -F;
	let ret+=$?;

        # Delete firewall chains.
	$IPTABLES_CMD -t $i -X;
	let ret+=$?;

	# Set counter to zero.
	$IPTABLES_CMD -t $i -Z;
	let ret+=$?;
    done

    [ $ret -eq 0 ] && success || failure
    echo
    return $ret
}

set_policy() {
    local ret=0

    # Set policy for configured tables.
    policy=$1

    # Check if iptable module is loaded
    [ ! -e "$PROC_IPTABLES_NAMES" ] && return 0

    # Check if firewall is configured (has tables)
    tables=$(cat "$PROC_IPTABLES_NAMES" 2>/dev/null)
    [ -z "$tables" ] && return 1

    echo -n $"${IPTABLES}: Setting chains to policy $policy: "
    for i in $tables; do
	echo -n "$i "
	case "$i" in
	    raw)
		$IPTABLES_CMD -t raw -P PREROUTING $policy \
		    && $IPTABLES_CMD -t raw -P OUTPUT $policy \
		    || let ret+=1
		;;
	    filter)
                $IPTABLES_CMD -t filter -P INPUT $policy \
		    && $IPTABLES_CMD -t filter -P OUTPUT $policy \
		    && $IPTABLES_CMD -t filter -P FORWARD $policy \
		    || let ret+=1
		;;
	    nat)
		$IPTABLES_CMD -t nat -P PREROUTING $policy \
		    && $IPTABLES_CMD -t nat -P POSTROUTING $policy \
		    && $IPTABLES_CMD -t nat -P OUTPUT $policy \
		    || let ret+=1
		;;
	    mangle)
	        $IPTABLES_CMD -t mangle -P PREROUTING $policy \
		    && $IPTABLES_CMD -t mangle -P POSTROUTING $policy \
		    && $IPTABLES_CMD -t mangle -P INPUT $policy \
		    && $IPTABLES_CMD -t mangle -P OUTPUT $policy \
		    && $IPTABLES_CMD -t mangle -P FORWARD $policy \
		    || let ret+=1
		;;
	    security)
	        # Ignore the security table
	        ;;
	    *)
	        let ret+=1
		;;
        esac
    done

    [ $ret -eq 0 ] && success || failure
    echo
    return $ret
}

load_sysctl() {
    local ret=0

    # load matched sysctl values
    if [ -n "$IPTABLES_SYSCTL_LOAD_LIST" ]; then
        echo -n $"Loading sysctl settings: "
        for item in $IPTABLES_SYSCTL_LOAD_LIST; do
            fgrep -hs $item /etc/sysctl.d/* | sysctl -p - >/dev/null
            let ret+=$?;
        done
        [ $ret -eq 0 ] && success || failure
        echo
    fi
    return $ret
}

start() {
    local ret=0

    # Do not start if there is no config file.
    if [ ! -f "$IPTABLES_DATA" ]; then
	echo -n $"${IPTABLES}: No config file."; warning; echo
	return 6
    fi

    # check if ipv6 module load is deactivated
    if [ "${_IPV}" = "ipv6" ] \
	&& grep -qIsE "^install[[:space:]]+${_IPV}[[:space:]]+/bin/(true|false)" /etc/modprobe.conf /etc/modprobe.d/* ; then
	echo $"${IPTABLES}: ${_IPV} is disabled."
	return 150
    fi

    echo -n $"${IPTABLES}: Applying firewall rules: "

    OPT=
    [ "x$IPTABLES_SAVE_COUNTER" = "xyes" ] && OPT="-c"

    $IPTABLES_RESTORE_CMD $OPT $IPTABLES_DATA
    if [ $? -eq 0 ]; then
	success; echo
    else
	failure; echo;
	if [ -f "$IPTABLES_FALLBACK_DATA" ]; then
	    echo -n $"${IPTABLES}: Applying firewall fallback rules: "
	    $IPTABLES_RESTORE_CMD $OPT $IPTABLES_FALLBACK_DATA
	    if [ $? -eq 0 ]; then
		success; echo
	    else
		failure; echo; return 1
	    fi
	else
	    return 1
	fi
    fi
    
    # Load additional modules (helpers)
    if [ -n "$IPTABLES_MODULES" ]; then
	echo -n $"${IPTABLES}: Loading additional modules: "
	for mod in $IPTABLES_MODULES; do
	    echo -n "$mod "
	    modprobe $mod > /dev/null 2>&1
	    let ret+=$?;
	done
	[ $ret -eq 0 ] && success || failure
	echo
    fi
    
    # Load sysctl settings
    load_sysctl

    touch $VAR_SUBSYS_IPTABLES
    return $ret
}

stop() {
    local ret=0

    # Do not stop if iptables module is not loaded.
    [ ! -e "$PROC_IPTABLES_NAMES" ] && return 0

    # Set default chain policy to ACCEPT, in order to not break shutdown
    # on systems where the default policy is DROP and root device is
    # network-based (i.e.: iSCSI, NFS)
    set_policy ACCEPT
    let ret+=$?
    # And then, flush the rules and delete chains
    flush_n_delete
    let ret+=$?
    
    rm -f $VAR_SUBSYS_IPTABLES
    return $ret
}

save() {
    local ret=0

    # Check if iptable module is loaded
    if [ ! -e "$PROC_IPTABLES_NAMES" ]; then
	echo -n $"${IPTABLES}: Nothing to save."; warning; echo
	return 0
    fi

    # Check if firewall is configured (has tables)
    if [ -z "$NF_TABLES" ]; then
	echo -n $"${IPTABLES}: Nothing to save."; warning; echo
	return 6
    fi

    echo -n $"${IPTABLES}: Saving firewall rules to $IPTABLES_DATA: "

    OPT=
    [ "x$IPTABLES_SAVE_COUNTER" = "xyes" ] && OPT="-c"

    TMP_FILE=$(/bin/mktemp -q $IPTABLES_DATA.XXXXXX) \
	&& chmod 600 "$TMP_FILE" \
	&& $IPTABLES-save $OPT > $TMP_FILE 2>/dev/null \
	&& size=$(stat -c '%s' $TMP_FILE) && [ $size -gt 0 ] \
	|| ret=1
    if [ $ret -eq 0 ]; then
	if [ -e $IPTABLES_DATA ]; then
	    cp -f $IPTABLES_DATA $IPTABLES_DATA.save \
		&& chmod 600 $IPTABLES_DATA.save \
		&& $RESTORECON $IPTABLES_DATA.save \
		|| ret=1
	fi
	if [ $ret -eq 0 ]; then
	    mv -f $TMP_FILE $IPTABLES_DATA \
		&& chmod 600 $IPTABLES_DATA \
		&& $RESTORECON $IPTABLES_DATA \
	        || ret=1
	fi
    fi
    rm -f $TMP_FILE
    [ $ret -eq 0 ] && success || failure
    echo
    return $ret
}

status() {
    if [ ! -f "$VAR_SUBSYS_IPTABLES" ] && [ -z "$NF_TABLES" ]; then
	echo $"${IPTABLES}: Firewall is not running."
	return 3
    fi

    # Do not print status if lockfile is missing and iptables modules are not 
    # loaded.
    # Check if iptable modules are loaded
    if [ ! -e "$PROC_IPTABLES_NAMES" ]; then
	echo $"${IPTABLES}: Firewall modules are not loaded."
	return 3
    fi

    # Check if firewall is configured (has tables)
    if [ -z "$NF_TABLES" ]; then
	echo $"${IPTABLES}: Firewall is not configured. "
	return 3
    fi

    NUM=
    [ "x$IPTABLES_STATUS_NUMERIC" = "xyes" ] && NUM="-n"
    VERBOSE=
    [ "x$IPTABLES_STATUS_VERBOSE" = "xyes" ] && VERBOSE="--verbose"
    COUNT=
    [ "x$IPTABLES_STATUS_LINENUMBERS" = "xyes" ] && COUNT="--line-numbers"

    for table in $NF_TABLES; do
	echo $"Table: $table"
	$IPTABLES -t $table --list $NUM $VERBOSE $COUNT && echo
    done

    return 0
}

reload() {
    local ret=0

    # Do not reload if there is no config file.
    if [ ! -f "$IPTABLES_DATA" ]; then
	echo -n $"${IPTABLES}: No config file."; warning; echo
	return 6
    fi

    # check if ipv6 module load is deactivated
    if [ "${_IPV}" = "ipv6" ] \
	&& grep -qIsE "^install[[:space:]]+${_IPV}[[:space:]]+/bin/(true|false)" /etc/modprobe.conf /etc/modprobe.d/* ; then
	echo $"${IPTABLES}: ${_IPV} is disabled."
	return 150
    fi

    echo -n $"${IPTABLES}: Trying to reload firewall rules: "

    OPT=
    [ "x$IPTABLES_SAVE_COUNTER" = "xyes" ] && OPT="-c"

    $IPTABLES_RESTORE_CMD $OPT $IPTABLES_DATA
    if [ $? -eq 0 ]; then
	success; echo
    else
	failure; echo; echo "Firewall rules are not changed."; return 1
    fi

    # Load additional modules (helpers)
    if [ -n "$IPTABLES_MODULES" ]; then
	echo -n $"${IPTABLES}: Loading additional modules: "
	for mod in $IPTABLES_MODULES; do
	    echo -n "$mod "
	    modprobe $mod > /dev/null 2>&1
	    let ret+=$?;
	done
	[ $ret -eq 0 ] && success || failure
	echo
    fi

    # Load sysctl settings
    load_sysctl

    return $ret
}

restart() {
    [ "x$IPTABLES_SAVE_ON_RESTART" = "xyes" ] && save
    stop
    start
}


case "$1" in
    start)
	[ -f "$VAR_SUBSYS_IPTABLES" ] && exit 0
	start
	RETVAL=$?
	;;
    stop)
	[ "x$IPTABLES_SAVE_ON_STOP" = "xyes" ] && save
	stop
	RETVAL=$?
	;;
    restart|force-reload)
	restart
	RETVAL=$?
	;;
    reload)
	[ -e "$VAR_SUBSYS_IPTABLES" ] && reload
	RETVAL=$?
	;;      
    condrestart|try-restart)
	[ ! -e "$VAR_SUBSYS_IPTABLES" ] && exit 0
	restart
	RETVAL=$?
	;;
    status)
	status
	RETVAL=$?
	;;
    panic)
	set_policy DROP
	RETVAL=$?
        ;;
    save)
	save
	RETVAL=$?
	;;
    *)
	echo $"Usage: ${IPTABLES} {start|stop|reload|restart|condrestart|status|panic|save}"
	RETVAL=2
	;;
esac

exit $RETVAL
blog
BDM Cricket India

blog

8d25650162e5

June 11, 2025 blog 0

Noxwin Gambling enterprise Canada ️ Rating C$a hundred Welcome Extra Blogs Safer, Prompt, and you will Legitimate Casino Financial Options for 2024 Exclusive Crypto Now offers A primary area of amount to your organization is the on the internet gaming world in the China and you can Europe. Video slots …

Read More »

Unique Casino (Avis 2025) Bonus 200% jusqu’à 500.1713

June 8, 2025 blog 0

Unique Casino Avis 2025 Profitez d’un Bonus Exclusif de 200% Jusqu’à 500€ ▶️ JOUER Содержимое Unique Casino (Avis 2025) : Découvrez l’Expérience Ultime Bonus Exclusif : 200% Jusqu’à 500€ Pourquoi Choisir Unique Casino en 2025 ? Jeux de Casino Variés et Passionnants Sécurité et Fiabilité à Toute Épreuve Support Client …

Read More »

Los mejores casinos online de España.617

June 8, 2025 blog 0

Содержимое ¿Qué es un casino online? ¿Cómo elegir el mejor casino online? Los mejores casinos online para jugadores españoles ¿Cómo elegir el mejor casino online para ti? Seguridad y responsabilidad en los casinos online Mejor casino online: ¿cómo elegir? Los mejores casinos online de España En la actualidad, el mundo …

Read More »

WinSpirit Online Casino Australia Real Money Play.659

June 8, 2025 blog 0

WinSpirit Online Casino Australia Your Gateway to Real Money Gaming Excitement ▶️ PLAY Содержимое WinSpirit Online Casino Australia: Your Gateway to Real Money Play Why Choose WinSpirit Online Casino for Real Money Gaming? Explore the Best Casino Games at WinSpirit Australia Secure and Fast Real Money Transactions at WinSpirit Exclusive …

Read More »

1win — регистрация в букмекерской конторе 1вин.1299

June 8, 2025 blog 0

Содержимое Шаги регистрации в 1win Как начать играть и получать бонусы в 1win 1win — регистрация в букмекерской конторе 1вин В мире ставок и азарта 1вин является одним из самых популярных букмекеров. Компания была основана в 2018 году и с тех пор стала одним из лидеров на рынке. 1вин предлагает …

Read More »

Casinos online populares en España.1533

June 8, 2025 blog 0

Casinos online populares en España ▶️ JUGAR Содержимое Los mejores sitios de casino online en España ¿Qué son los casinos online? Características de los casinos online Tipos de casinos online Los mejores casinos online en España ¿Cómo elegir el mejor casino online para ti? Seguridad y responsabilidad en los casinos …

Read More »

Meilleur Casino en Ligne 2025 – Sites Fiables.6959

June 8, 2025 blog 0

Содержимое Les Meilleurs Casinos en Ligne pour les Joueurs Français Les Meilleurs Casinos en Ligne Légaux pour les Joueurs Français Les Meilleurs Casinos en Ligne Fiables pour les Joueurs Français Les Meilleurs Casinos en Ligne Gratuits pour les Joueurs Français Comment Choisir un Casino en Ligne Fiable et Sécurisé Meilleur …

Read More »

Best UK Casino Sites 2025 Trusted Reviews and Top Picks.1075

June 8, 2025 blog 0

Best UK Casino Sites 2025 – Trusted Reviews and Top Picks ▶️ PLAY Содержимое Top 5 Online Casinos for UK Players How to Choose the Best UK Online Casino Game Selection Customer Support UK Online Casino Bonuses and Promotions Secure and Reliable UK Online Casinos In the ever-evolving world of …

Read More »

Best UK Casino Sites 2025 Trusted Reviews and Top Picks.299

June 8, 2025 blog 0

Содержимое Top 5 Online Casinos in the UK Mastercard Casinos: A Secure and Convenient Option Apple Pay Casino: A Convenient and Secure Option Animal Slots: A Fun and Exciting Option Conclusion How to Choose the Best Online Casino for You UK Online Casino Regulations and Licenses Popular Payment Methods in …

Read More »

Los casinos online más populares de España.1496

June 8, 2025 blog 0

Los casinos online más populares de España ▶️ JUGAR Содержимое Los casinos online más populares de España Casino online con bono sin depósito Casino online confiable La lista de los mejores casinos online de España Características clave para elegir el mejor casino online En la actualidad, los casinos online han …

Read More »
© Copyright 2025, All Rights Reserved