moblock/MoBlock-nfq.sh.patch

   1 --- MoBlock-0.8/MoBlock-nfq.sh.orig     2008-11-30 03:44:02.000000000 -0500
   2 +++ MoBlock-0.8/MoBlock-nfq.sh  2008-12-01 18:56:15.000000000 -0500
   3 @@ -3,14 +3,10 @@
   4  # MoBlock.sh - MoBlock start script
   5  # ---------------------------------
   6
   7 -ACTIVATE_CHAINS=1
   8 -WHITE_TCP_IN=""
   9 -WHITE_UDP_IN=""
  10 -WHITE_TCP_OUT=""
  11 -WHITE_UDP_OUT=""
  12 -WHITE_TCP_FORWARD=""
  13 -WHITE_UDP_FORWARD=""
  14 +# Some configuration options have been moved to an external conf file
  15 +# This should make maintenance and upgrading easier
  16
  17 +. /etc/moblock/config
  18
  19  PIDF=/var/run/moblock.pid
  20
  21 @@ -78,6 +74,17 @@
  22         iptables -I MOBLOCK_FW -p udp --dport $PORT -j ACCEPT
  23  done
  24
  25 +# For added IP whitelisting support
  26 +
  27 +for IP in $WHITE_IP_OUT; do
  28 +    iptables -I MOBLOCK_OUT -p all -m iprange --dst-range $IP -j ACCEPT
  29 +done
  30 +for IP in $WHITE_IP_IN; do
  31 +    iptables -I MOBLOCK_IN -p all -m iprange --src-range $IP -j ACCEPT
  32 +done
  33 +for IP in $WHITE_IP_FW; do
  34 +    iptables -I MOBLOCK_FW -p all -m iprange --dst-range $IP -j ACCEPT
  35 +done
  36
  37  # Loopback traffic fix
  38
  39 @@ -85,7 +92,8 @@
  40  iptables -I OUTPUT -p all -o lo -j ACCEPT
  41
  42  # Here you can change block list and log files
  43 -./moblock -p /etc/guarding.p2p ./moblock.log
  44 +#./moblock -p /etc/guarding.p2p ./moblock.log
  45 +/usr/bin/moblock -p /etc/moblock/banned.list /var/log/moblock.log >/dev/null 2>&1
  46
  47  # On exit delete the rules we added
  48
  49 @@ -108,3 +116,4 @@
  50  if [ -f $PIDF ]; then
  51         rm $PIDF;
  52  fi
  53 +