external/mailinabox
1
0
Fork 0
mirror of https://github.com/mail-in-a-box/mailinabox.git synced 2026-03-29 20:57:22 +02:00
Code Issues Releases Wiki Activity

replaced iptables-persistent with another iptables-persistent in /etc/init.d, this one also will save ipsets and allow persistence upon reboot. Cleaned up some code, changed debconf variables at iptables-persistent install to false. Still installs iptable-persistant through apt, just to get rid of all the foundation work for it to run, but is quickly replaced.

Browse Source
This commit is contained in:
ChiefGyk
2016-06-29 21:35:37 -04:00
parent 9b3a158b72
commit 52410106e9
6 changed files with 194 additions and 22 deletions
Download Patch File Download Diff File Expand all files Collapse all files

9
setup/blacklist.sh
View File

@@ -8,14 +8,15 @@
source setup/functions.sh # load our functions
source /etc/mailinabox.conf # load global vars
apt_install -y ipset
echo iptables-persistent iptables-persistent/autosave_v4 boolean false | debconf-set-selections
echo iptables-persistent iptables-persistent/autosave_v6 boolean false | debconf-set-selections
apt_install -y ipset dialog iptables-persistent
cp conf/iptables-persistent /etc/init.d/iptables-persistent
ipset create blacklist hash:net
iptables -I INPUT -m set --match-set blacklist src -j DROP
cp conf/blacklist/blacklist /etc/cron.daily/blacklist
chmod a+x /etc/cron.daily/blacklist
time /etc/cron.daily/blacklist
source setup/dialog.sh
iptables-save > /etc/iptables.up.rules
sed -i -e "\$apre-up ipset restore < /etc/ipset.up.rules" /etc/network/interfaces
sed -i -e "\$apost up iptables-restore < /etc/iptables.up.rules" /etc/network/interfaces
/etc/init.d/iptables-persistent save
echo "Blacklist has been installed. It will run daily automatically."

14
setup/dialog.sh
View File

@@ -25,31 +25,23 @@ CHOICE=$(dialog --clear \
clear
case $CHOICE in
1)
echo "Ok Mr. Trump"
echo iptables-persistent iptables-persistent/autosave_v4 boolean true | debconf-set-selections
echo iptables-persistent iptables-persistent/autosave_v6 boolean true | debconf-set-selections
echo "Are you Donald Trump?"
cp conf/blacklist/china /etc/cron.weekly/china
chmod +x /etc/cron.weekly/china
time /etc/cron.weekly/china
apt-get install -y iptables-persistent
;;
2)
echo "Starting the Korean war again"
echo iptables-persistent iptables-persistent/autosave_v4 boolean true | debconf-set-selections
echo iptables-persistent iptables-persistent/autosave_v6 boolean true | debconf-set-selections
cp conf/blacklist/korea /etc/cron.weekly/korea
chmod +x /etc/cron.weekly/korea
time /etc/cron.weekly/korea
apt-get install -y iptables-persistent
;;
3)
echo "Blocking almost 1/3 of the world"
echo iptables-persistent iptables-persistent/autosave_v4 boolean true | debconf-set-selections
echo iptables-persistent iptables-persistent/autosave_v6 boolean true | debconf-set-selections
cp conf/blacklist/sinokorea /etc/cron.weekly/sinokorea
chmod +x /etc/cron.weekly/sinokorea
time /etc/cron.weekly/sinokorea
apt-get install -y iptables-persistent
;;
4) break;;
4) echo "Doing nothing"
;;
esac