whitespaces
This commit is contained in:
parent
8eb0180b51
commit
372ad8f1d1
|
@ -60,8 +60,7 @@ IPV6=$(grep "IPV6=" /etc/default/minifirewall | awk -F '=' -F "'" '{print $2}')
|
||||||
DOCKER=$(grep "DOCKER=" /etc/default/minifirewall | awk -F '=' -F "'" '{print $2}')
|
DOCKER=$(grep "DOCKER=" /etc/default/minifirewall | awk -F '=' -F "'" '{print $2}')
|
||||||
INT=$(grep "INT=" /etc/default/minifirewall | awk -F '=' -F "'" '{print $2}')
|
INT=$(grep "INT=" /etc/default/minifirewall | awk -F '=' -F "'" '{print $2}')
|
||||||
|
|
||||||
chain_exists()
|
chain_exists() {
|
||||||
{
|
|
||||||
local chain_name="$1" ; shift
|
local chain_name="$1" ; shift
|
||||||
[ $# -eq 1 ] && local intable="--table $1"
|
[ $# -eq 1 ] && local intable="--table $1"
|
||||||
# shellcheck disable=SC2086
|
# shellcheck disable=SC2086
|
||||||
|
@ -188,7 +187,6 @@ start() {
|
||||||
|
|
||||||
|
|
||||||
if [ "${DOCKER}" = "on" ]; then
|
if [ "${DOCKER}" = "on" ]; then
|
||||||
|
|
||||||
${IPT} -N MINIFW-DOCKER-TRUSTED
|
${IPT} -N MINIFW-DOCKER-TRUSTED
|
||||||
${IPT} -A MINIFW-DOCKER-TRUSTED -j DROP
|
${IPT} -A MINIFW-DOCKER-TRUSTED -j DROP
|
||||||
|
|
||||||
|
@ -210,7 +208,6 @@ start() {
|
||||||
# Pipe new connection through MINIFW-DOCKER-PUB
|
# Pipe new connection through MINIFW-DOCKER-PUB
|
||||||
${IPT} -A DOCKER-USER -i ${INT} -m state --state NEW -j MINIFW-DOCKER-PUB
|
${IPT} -A DOCKER-USER -i ${INT} -m state --state NEW -j MINIFW-DOCKER-PUB
|
||||||
${IPT} -A DOCKER-USER -j RETURN
|
${IPT} -A DOCKER-USER -j RETURN
|
||||||
|
|
||||||
fi
|
fi
|
||||||
|
|
||||||
|
|
||||||
|
@ -260,7 +257,6 @@ start() {
|
||||||
|
|
||||||
|
|
||||||
if [ "${DOCKER}" = "on" ]; then
|
if [ "${DOCKER}" = "on" ]; then
|
||||||
|
|
||||||
# Public services defined in SERVICESTCP1 & SERVICESUDP1
|
# Public services defined in SERVICESTCP1 & SERVICESUDP1
|
||||||
for dstport in ${SERVICESTCP1}; do
|
for dstport in ${SERVICESTCP1}; do
|
||||||
${IPT} -I MINIFW-DOCKER-PUB -p tcp --dport "${dstport}" -j RETURN
|
${IPT} -I MINIFW-DOCKER-PUB -p tcp --dport "${dstport}" -j RETURN
|
||||||
|
@ -416,7 +412,6 @@ stop() {
|
||||||
${IPT} -X MINIFW-DOCKER-PRIVILEGED
|
${IPT} -X MINIFW-DOCKER-PRIVILEGED
|
||||||
${IPT} -F MINIFW-DOCKER-TRUSTED
|
${IPT} -F MINIFW-DOCKER-TRUSTED
|
||||||
${IPT} -X MINIFW-DOCKER-TRUSTED
|
${IPT} -X MINIFW-DOCKER-TRUSTED
|
||||||
|
|
||||||
fi
|
fi
|
||||||
|
|
||||||
# Accept all
|
# Accept all
|
||||||
|
|
Loading…
Reference in a new issue