diff options
author | Jonathan Bauer | 2017-10-13 12:51:34 +0200 |
---|---|---|
committer | Jonathan Bauer | 2017-10-13 12:51:34 +0200 |
commit | bc235cd8855505406c59502b5f6bf45ce3ee9dca (patch) | |
tree | 09c48f4de8e23bb8846d37e05377821b093de7db /core/modules/dnbd3-proxy-mode | |
parent | [dnbd3-proxy-mode] new module for netbooted dnbd3 ... (diff) | |
download | mltk-bc235cd8855505406c59502b5f6bf45ce3ee9dca.tar.gz mltk-bc235cd8855505406c59502b5f6bf45ce3ee9dca.tar.xz mltk-bc235cd8855505406c59502b5f6bf45ce3ee9dca.zip |
[dnbd3-proxy-mode] fix bad iptables & typos
Diffstat (limited to 'core/modules/dnbd3-proxy-mode')
-rwxr-xr-x | core/modules/dnbd3-proxy-mode/data/opt/openslx/scripts/systemd-setup_dnbd3_proxy | 13 |
1 files changed, 8 insertions, 5 deletions
diff --git a/core/modules/dnbd3-proxy-mode/data/opt/openslx/scripts/systemd-setup_dnbd3_proxy b/core/modules/dnbd3-proxy-mode/data/opt/openslx/scripts/systemd-setup_dnbd3_proxy index 72d6dccc..d35e5635 100755 --- a/core/modules/dnbd3-proxy-mode/data/opt/openslx/scripts/systemd-setup_dnbd3_proxy +++ b/core/modules/dnbd3-proxy-mode/data/opt/openslx/scripts/systemd-setup_dnbd3_proxy @@ -84,14 +84,17 @@ add_alt_server() { FOUND_SAT= add_alt_server ${SLX_DNBD3_PUBLIC} add_alt_server '-' ${SLX_DNBD3_PRIVATE} -[ -z "${FOUND_SAT}" ] && add_alt_server ${SLX_KCL_SERVERS} +# To this day, only the sat IP is in SLX_KCL_SERVERS afaik +[ -n "${FOUND_SAT}" ] && add_alt_server ${SLX_KCL_SERVERS} # now create iptables helper rules DNBD3_IPTABLES_CONF="/opt/openslx/iptables/rules.d/99-dnbd3" -ehco '#!/bin/ash' >> "${DNBD3_IPTABLES_CONF}" +echo '#!/bin/ash' >> "${DNBD3_IPTABLES_CONF}" for CIDR in ${SLX_DNBD3_WHITELIST}; do - echo -n "iptables -w -w -I ipt-helper-INPUT 1 -i br0" - echo "-p tcp \! -s ${CIDR} --dport ${DNBD3_PORT} -j DROP" + echo "iptables -w -w -I ipt-helper-INPUT 1 -i br0 -p tcp -s ${CIDR} --dport ${DNBD3_PORT} -j ACCEPT" done >> "${DNBD3_IPTABLES_CONF}" +[ -n "${SLX_DNBD3_WHITELIST}" ] && \ + echo "iptables -w -w -I ipt-helper-INPUT 1 -i br0 -p tcp --dport ${DNBD3_PORT} -j REJECT" >> "${DNBD3_IPTABLES_CONF}" +chmod +x "${DNBD3_IPTABLES_CONF}" -# TODO set DNBD3_SERV0R issue warning for ttys +return 0 |