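#!/bin/sh
# Session firewall setup (IPv4 filter table).
#
# Flushes INPUT/FORWARD/OUTPUT, then:
#   - USER=demo: default-deny on all three chains; only replies to
#     already-established connections and outbound traffic to the two
#     allowed destination ranges below are accepted.
#   - any other user: default-accept on all three chains.
#
# Exit status: 0 if every iptables call succeeded, non-zero otherwise.
#
# NOTE(review): the rules are host-wide (no per-user match is used); the
#   branch is chosen once, from $USER in the environment, when this runs.
#   The caller must set USER from the authenticated session -- confirm.
# NOTE(review): only iptables (IPv4) is touched. Nothing here restricts
#   IPv6; confirm IPv6 is disabled or add equivalent ip6tables rules.
# NOTE(review): the demo branch accepts no loopback traffic, so services
#   on 127.0.0.0/8 (e.g. a local resolver) are unreachable -- confirm
#   this is intended.

# Resolve via the POSIX builtin rather than a hard-coded /usr/bin/which.
IPTABLES=$(command -v iptables)
fw_rc=0

# Run one iptables command and remember any failure, so a rule that could
# not be installed (missing privileges, missing match module) is reported
# instead of silently leaving the restricted session unfiltered.
run_iptables() {
  "$IPTABLES" "$@" || fw_rc=1
}

if [ -z "$IPTABLES" ]; then
  printf '%s\n' "iptables not found in PATH; no firewall rules were applied" >&2
  fw_rc=1
else
  # Reset: drop all existing rules from the built-in chains.
  run_iptables -F INPUT
  run_iptables -F FORWARD
  run_iptables -F OUTPUT

  if [ "x${USER}" = "xdemo" ]; then
    # Default-deny everything for the demo session.
    run_iptables -P INPUT DROP
    run_iptables -P FORWARD DROP
    run_iptables -P OUTPUT DROP
    # Let replies to allowed outbound connections back in.
    run_iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
    # Outbound allow-list: only these destination ranges are reachable.
    run_iptables -A OUTPUT -d 132.230.0.0/16 -j ACCEPT
    run_iptables -A OUTPUT -d 10.0.0.0/8 -j ACCEPT
  else
    # Unrestricted session: default-accept on every chain.
    run_iptables -P INPUT ACCEPT
    run_iptables -P FORWARD ACCEPT
    run_iptables -P OUTPUT ACCEPT
  fi

  if [ "$fw_rc" -ne 0 ]; then
    printf '%s\n' "one or more iptables commands failed; firewall state may be incomplete" >&2
  fi
fi

# Report the result through the status of the last command instead of
# calling exit, so the behaviour is the same whether this file is executed
# or sourced by a session hook.
[ "$fw_rc" -eq 0 ]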