|  |  | @ -1,6 +1,8 @@ | 
			
		
	
		
		
			
				
					
					|  |  |  | #!/bin/bash |  |  |  | #!/bin/bash | 
			
		
	
		
		
			
				
					
					|  |  |  | # info: update system firewall rules |  |  |  | # info: update system firewall rules | 
			
		
	
		
		
			
				
					
					|  |  |  | # options: NONE |  |  |  | # options: NEED_IPT_SWITCH | 
			
				
				
			
		
	
		
		
	
		
		
			
				
					
					|  |  |  |  |  |  |  | #		if first parameter set and it's value is iptables | 
			
		
	
		
		
			
				
					
					|  |  |  |  |  |  |  | #		for rpm system, then need to activate iptables | 
			
		
	
		
		
			
				
					
					|  |  |  | # |  |  |  | # | 
			
		
	
		
		
			
				
					
					|  |  |  | # example: v-update-firewall |  |  |  | # example: v-update-firewall | 
			
		
	
		
		
			
				
					
					|  |  |  | # |  |  |  | # | 
			
		
	
	
		
		
			
				
					|  |  | @ -9,6 +11,7 @@ | 
			
		
	
		
		
			
				
					
					|  |  |  | #----------------------------------------------------------# |  |  |  | #----------------------------------------------------------# | 
			
		
	
		
		
			
				
					
					|  |  |  | #                Variables & Functions                     # |  |  |  | #                Variables & Functions                     # | 
			
		
	
		
		
			
				
					
					|  |  |  | #----------------------------------------------------------# |  |  |  | #----------------------------------------------------------# | 
			
		
	
		
		
			
				
					
					|  |  |  |  |  |  |  | need_ipt_switch="$1" | 
			
		
	
		
		
			
				
					
					|  |  |  | 
 |  |  |  | 
 | 
			
		
	
		
		
			
				
					
					|  |  |  | # Defining absolute path for iptables and modprobe |  |  |  | # Defining absolute path for iptables and modprobe | 
			
		
	
		
		
			
				
					
					|  |  |  | iptables="/sbin/iptables" |  |  |  | iptables="/sbin/iptables" | 
			
		
	
	
		
		
			
				
					|  |  | @ -36,6 +39,15 @@ is_system_enabled "$FIREWALL_SYSTEM" 'FIREWALL_SYSTEM' | 
			
		
	
		
		
			
				
					
					|  |  |  | #                       Action                             # |  |  |  | #                       Action                             # | 
			
		
	
		
		
			
				
					
					|  |  |  | #----------------------------------------------------------# |  |  |  | #----------------------------------------------------------# | 
			
		
	
		
		
			
				
					
					|  |  |  | 
 |  |  |  | 
 | 
			
		
	
		
		
			
				
					
					|  |  |  |  |  |  |  | if [ -f /etc/redhat-release ] && [ "$need_ipt_switch" = "iptables" ]; then | 
			
		
	
		
		
			
				
					
					|  |  |  |  |  |  |  | 	# Revert from nftables to iptables only first time | 
			
		
	
		
		
			
				
					
					|  |  |  |  |  |  |  | 	systemctl stop firewalld | 
			
		
	
		
		
			
				
					
					|  |  |  |  |  |  |  | 	systemctl disable firewalld | 
			
		
	
		
		
			
				
					
					|  |  |  |  |  |  |  | 	dnf erase nftables -y | 
			
		
	
		
		
			
				
					
					|  |  |  |  |  |  |  | 	dnf install iptables-legacy iptables-legacy-libs iptables-services iptables-utils ipset -y | 
			
		
	
		
		
			
				
					
					|  |  |  |  |  |  |  | 	systemctl enable iptables --now | 
			
		
	
		
		
			
				
					
					|  |  |  |  |  |  |  | fi | 
			
		
	
		
		
			
				
					
					|  |  |  |  |  |  |  | 
 | 
			
		
	
		
		
			
				
					
					|  |  |  | # Self heal iptables links |  |  |  | # Self heal iptables links | 
			
		
	
		
		
			
				
					
					|  |  |  | heal_iptables_links |  |  |  | heal_iptables_links | 
			
		
	
		
		
			
				
					
					|  |  |  | 
 |  |  |  | 
 | 
			
		
	
	
		
		
			
				
					|  |  | 
 |
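Review bot: The switch block added in the Action section stops and disables firewalld and erases nftables before `dnf install` has run, and none of its five commands has its exit status checked, so a failed install (no repository access, a package name that does not exist on this release) leaves the host with no packet filter while the script carries on. Install first, tear firewalld down only once that has succeeded, and abort if `systemctl enable iptables --now` fails. The comment says the revert happens "only first time", but nothing in the visible lines enforces that: every call with `iptables` as the first argument repeats the teardown, so a guard, or a comment naming the caller that guarantees it, would help. The fence uses a plain `exit 1`; if the script has its own error helper, use that instead.

```shell
if [ -f /etc/redhat-release ] && [ "$need_ipt_switch" = "iptables" ]; then
	# Revert from nftables to iptables only first time.
	# Install the replacement before removing anything, so a failed
	# install leaves firewalld running instead of no packet filter.
	if ! dnf install iptables-legacy iptables-legacy-libs iptables-services iptables-utils ipset -y; then
		echo "Error: iptables packages could not be installed, firewalld left unchanged" >&2
		exit 1
	fi
	systemctl stop firewalld
	systemctl disable firewalld
	dnf erase nftables -y
	if ! systemctl enable iptables --now; then
		echo "Error: iptables service failed to start" >&2
		exit 1
	fi
fi
# … unchanged: heal_iptables_links and the rest of the Action section …
```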