Linux-router News & Developer Blog
garywill opened this issue · comments
Oooa~ There hadn't been a developer's manual for this project.
I'm posting some Linux-router's News & Developer Notes on this post.
++++++++++++++++++++++++++++
Stay away from 996. Everyone lives a healthy life! 🌱
Give ability to Bash script to easily undo iptables changes
(让Bash脚本能够轻松复原iptables更改)
Writing shell commands to add iptables rules is a HeadACHe.
Then having to undo iptables changes is double HHeadACHHe.
Each -I
or -A
needs a -D
.
Each -N
needs -F
+-X
.
I wrote a new function iptb()
for linux-router to reduce the double headache to be single headache.
Usage syntax is almost same with iptables:
iptb 4 v nat I POSTROUTING -s ${GATEWAY%.*}.0/24 $IPTABLES_NAT_OUT $MASQUERADE_NOTOUT ! -d ${GATEWAY%.*}.0/24 -j MASQUERADE || die
iptb 4 v filter I FORWARD -i ${SUBNET_IFACE} $IPTABLES_NAT_OUT -s ${GATEWAY%.*}.0/24 -j ACCEPT || die
iptb 4 v filter I FORWARD -o ${SUBNET_IFACE} $IPTABLES_NAT_IN -d ${GATEWAY%.*}.0/24 -j ACCEPT || die
Undoing iptables changes is mush easier now -- use clean_iptables()
clean_iptables() {
bash $CONFDIR/undo_iptables.sh
[[ -f $CONFDIR/undo_iptables_2.sh ]] && bash $CONFDIR/undo_iptables_2.sh
}
undo_iptables.sh
was automatically generated.
Hope that can make potential contributors fear less about the code :)
See the code of function iptb()
:
Lines 829 to 902 in 15a2e0c