summaryrefslogtreecommitdiffstats
path: root/roles/common/files/usr/local/sbin
diff options
context:
space:
mode:
Diffstat (limited to 'roles/common/files/usr/local/sbin')
-rwxr-xr-xroles/common/files/usr/local/sbin/update-firewall.sh4
1 files changed, 2 insertions, 2 deletions
diff --git a/roles/common/files/usr/local/sbin/update-firewall.sh b/roles/common/files/usr/local/sbin/update-firewall.sh
index 2e16711..84e076a 100755
--- a/roles/common/files/usr/local/sbin/update-firewall.sh
+++ b/roles/common/files/usr/local/sbin/update-firewall.sh
@@ -35,44 +35,44 @@ secproto=esp # must match /etc/ipsec.conf; ESP is the default (vs AH/IPComp)
fail2ban_re='^(\[[0-9]+:[0-9]+\]\s+)?-A fail2ban-\S'
IPSec_re=" -m policy --dir (in|out) --pol ipsec --reqid [0-9]+ --proto $secproto -j ACCEPT$"
declare -A rss=() tables=()
usage() {
cat >&2 <<- EOF
Usage: $0 [OPTIONS]
Options:
-f force: no confirmation asked
-c check: check (dry-run) mode
-v verbose: see the difference between old and new ruleset
-4 IPv4 only
-6 IPv6 only
EOF
exit 1
}
log() {
- /usr/bin/logger -st firewall -p syslog.info -- "$@"
+ /usr/bin/logger -st firewall -p user.info -- "$@"
}
fatal() {
- /usr/bin/logger -st firewall -p syslog.err -- "$@"
+ /usr/bin/logger -st firewall -p user.err -- "$@"
exit 1
}
iptables() {
# Fake iptables/ip6tables(8); use the more efficient
# iptables-restore(8) instead.
echo "$@" >> "$new";
}
commit() {
# End a table
echo COMMIT >> "$new"
}
inet46() {
case "$1" in
4) echo "$2";;
6) echo "$3";;
esac
}
ipt-chains() {
# Define new (tables and) chains.
generated by cgit v1.2.3 (git 2.25.1) at 2025-09-23 17:08:11 +0000