0xV3NOMx
Linux ip-172-26-7-228 5.4.0-1103-aws #111~18.04.1-Ubuntu SMP Tue May 23 20:04:10 UTC 2023 x86_64



Your IP : 3.133.120.64


Current Path : /etc/rc1.d/
Upload File :
Current File : //etc/rc1.d/K01ebtables

#!/bin/bash
#
# init script for the Ethernet Bridge filter tables
#
# Written by Dag Wieers <dag@wieers.com>
# Modified by Rok Papez <rok.papez@arnes.si>
#	     Bart De Schuymer <bdschuym@pandora.be>
# Adapted to Debian by Jan Christoph Nordholz <hesso@pool.math.tu-berlin.de>
#
# chkconfig: - 15 85
# description: Ethernet Bridge filtering tables
#
### BEGIN INIT INFO
# Provides:		ebtables
# Required-Start:	
# Required-Stop:	
# Should-Start:		$local_fs
# Should-Stop:		$local_fs
# Default-Start:	S
# Default-Stop:		0 1 6
# Short-Description:	ebtables ruleset management
# Description:		Saves and restores the state of the ebtables rulesets.
### END INIT INFO

. /lib/lsb/init-functions

test -f /sbin/ebtables || exit 0

EBTABLES_DUMPFILE_STEM=/etc/ebtables

RETVAL=0
prog="ebtables"
desc="Ethernet bridge filtering"
umask 0077

#default configuration
EBTABLES_MODULES_UNLOAD="yes"
EBTABLES_LOAD_ON_START="no"
EBTABLES_SAVE_ON_STOP="no"
EBTABLES_SAVE_ON_RESTART="no"
EBTABLES_SAVE_COUNTER="no"
EBTABLES_BACKUP_SUFFIX="~"

config=/etc/default/$prog
[ -f "$config" ] && . "$config"

function get_supported_tables() {
	EBTABLES_SUPPORTED_TABLES=
	/sbin/ebtables -t filter -L 2>&1 1>/dev/null | grep -q permission
	if [ $? -eq 0 ]; then
		log_failure_msg "Error: insufficient privileges to access the ebtables rulesets."
		return
	fi
	for table in filter nat broute; do
		/sbin/ebtables -t $table -L &> /dev/null
		if [ $? -eq 0 ]; then
			EBTABLES_SUPPORTED_TABLES="${EBTABLES_SUPPORTED_TABLES} $table"
		fi
	done
}

function load() {
	RETVAL=0
	get_supported_tables
	log_daemon_msg "Restoring ebtables rulesets"
	for table in $EBTABLES_SUPPORTED_TABLES; do
		log_progress_msg "$table"
		if [ -s ${EBTABLES_DUMPFILE_STEM}.$table ]; then
			/sbin/ebtables -t $table --atomic-file ${EBTABLES_DUMPFILE_STEM}.$table --atomic-commit
			RET=$?
			if [ $RET -ne 0 ]; then
				log_progress_msg "(failed)"
				RETVAL=$RET
			fi
		else
			log_progress_msg "(no saved state)"
		fi
	done
	if [ -z "$EBTABLES_SUPPORTED_TABLES" ]; then
		log_progress_msg "no kernel support"
	else
		log_progress_msg "done"
	fi
	log_end_msg $RETVAL
}

function clear() {
	RETVAL=0
	get_supported_tables
	log_daemon_msg "Clearing ebtables rulesets"
	for table in $EBTABLES_SUPPORTED_TABLES; do
		log_progress_msg "$table"
		/sbin/ebtables -t $table --init-table
	done

	if [ "$EBTABLES_MODULES_UNLOAD" = "yes" ]; then
		for mod in $(grep -E '^(ebt|ebtable)_' /proc/modules | cut -d' ' -f1) ebtables; do
			rmmod $mod 2> /dev/null
		done
	fi
	if [ -z "$EBTABLES_SUPPORTED_TABLES" ]; then
		log_progress_msg "no kernel support"
	else
		log_progress_msg "done"
	fi
	log_end_msg $RETVAL
}

function save() {
	RETVAL=0
	get_supported_tables
	log_daemon_msg "Saving ebtables rulesets"
	for table in $EBTABLES_SUPPORTED_TABLES; do
		log_progress_msg "$table"
		[ -n "$EBTABLES_BACKUP_SUFFIX" ] && [ -s ${EBTABLES_DUMPFILE_STEM}.$table ] && \
		  mv ${EBTABLES_DUMPFILE_STEM}.$table ${EBTABLES_DUMPFILE_STEM}.$table$EBTABLES_BACKUP_SUFFIX
		/sbin/ebtables -t $table --atomic-file ${EBTABLES_DUMPFILE_STEM}.$table --atomic-save
		RET=$?
		if [ $RET -ne 0 ]; then
			log_progress_msg "(failed)"
			RETVAL=$RET
		else
			if [ "$EBTABLES_SAVE_COUNTER" = "no" ]; then
				/sbin/ebtables -t $table --atomic-file ${EBTABLES_DUMPFILE_STEM}.$table -Z
			fi
		fi
	done
	if [ -z "$EBTABLES_SUPPORTED_TABLES" ]; then
		log_progress_msg "no kernel support"
	else
		log_progress_msg "done"
	fi
	log_end_msg $RETVAL
}

case "$1" in
  start)
	[ "$EBTABLES_LOAD_ON_START" = "yes" ] && load
	;;
  stop)
	[ "$EBTABLES_SAVE_ON_STOP" = "yes" ] && save
	clear
	# Never return failure for stop; it's not helpful, and causes problems
	# in some cases during pkg upgrade, e.g. LP: #1774120
	RETVAL=0
	;;
  restart|reload|force-reload)
	[ "$EBTABLES_SAVE_ON_RESTART" = "yes" ] && save
	clear
	[ "$EBTABLES_LOAD_ON_START" = "yes" ] && load
	;;
  load)
	load
	;;
  save)
	save
	;;
  status)
	get_supported_tables
	if [ -z "$EBTABLES_SUPPORTED_TABLES" ]; then
		log_failure_msg "No kernel support for ebtables."
		RETVAL=1
	else
		log_daemon_msg "Ebtables support available, number of installed rules"
		for table in $EBTABLES_SUPPORTED_TABLES; do
			COUNT=$(( $(/sbin/ebtables -t $table -L | sed -e "/^Bridge chain/! d" -e "s/^.*entries: //" -e "s/,.*$/ +/") 0 ))
			log_progress_msg "$table($COUNT)"
		done
		log_end_msg 0
		RETVAL=0
	fi
	;;
  *)
	echo "Usage: $0 {start|stop|restart|reload|force-reload|load|save|status}" >&2
	RETVAL=1
esac

exit $RETVAL