iptables flushing and restoring

2017-04-14 14:47:43 +03:00 · 2017-04-14 14:47:43 +03:00 · e76c241069
commit e76c241069
parent 2f3b03001a
2 changed files with 30 additions and 0 deletions
--- a/ipsec/iptables-setup.sh
+++ b/ipsec/iptables-setup.sh
@ -57,6 +57,9 @@ read -p "Would you want to disable client-to-client routing? [yes] " ANSDROP
 if [ "$DROP" == "$ANSDROP" ]; then
    # disable forwarding
    iptables -I FORWARD -s $LOCALIPMASK -d $LOCALIPMASK -j DROP
+else
+    echo "Deleting DROP rule if exists..."
+    iptables -D FORWARD -s $LOCALIPMASK -d $LOCALIPMASK -j DROP
 fi

 # MSS Clamping
@ -82,3 +85,9 @@ if [ $? -ne 0 ]; then
 		echo "Cannot save iptables-restore from $IPTABLES to $RCLOCAL."
 	fi
 fi
+
+iptables -F
+
+if [[ ! -z $IPTABLERESTOR ]]; then
+	$IPTABLESRESTOR < $IPTABLES
+fi
--- a/pptp/iptables-setup.sh
+++ b/pptp/iptables-setup.sh
@ -55,6 +55,9 @@ read -p "Would you want to disable client-to-client routing? [yes] " ANSDROP
 if [ "$DROP" == "$ANSDROP" ]; then
    # disable forwarding
    iptables -I FORWARD -s $LOCALIPMASK -d $LOCALIPMASK -j DROP
+else
+    echo "Deleting DROP rule if exists..."
+    iptables -D FORWARD -s $LOCALIPMASK -d $LOCALIPMASK -j DROP
 fi

 # MSS Clamping
@ -84,3 +87,21 @@ if [ $? -ne 0 ]; then
 		echo "Cannot save iptables-restore from $IPTABLES to $RCLOCAL."
 	fi
 fi
+
+IPTABLESRESTOR=$(which iptables-restore)
+RESTORPRESENTS=$(grep iptables-restore $RCLOCAL)
+if [ $? -ne 0 ]; then
+	if [[ ! -z $IPTABLESRESTOR ]]; then
+		sed -i -e "/exit 0/d" $RCLOCAL
+		echo "$IPTABLESRESTOR < $IPTABLES" >> $RCLOCAL
+		echo "exit 0" >> $RCLOCAL
+	else
+		echo "Cannot save iptables-restore from $IPTABLES to $RCLOCAL."
+	fi
+fi
+
+iptables -F
+
+if [[ ! -z $IPTABLERESTOR ]]; then
+	$IPTABLESRESTOR < $IPTABLES
+fi