nils/gluon
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

gluon-next-node: convert pregenerated ebtables rules to Lua code

Browse Source
This commit is contained in:
Matthias Schiffer 2014-05-14 15:08:43 +02:00
parent 0953c9befb
commit 9367c1ffe7
3 changed files with 17 additions and 15 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
package/gluon-next-node/Makefile
View File

@ -30,7 +30,6 @@ endef
define Package/gluon-next-node/install
$(CP) ./files/* $(1)/
$(GLUON_GENERATE) ./generate/* $(1)/
endef
$(eval $(call BuildPackage,gluon-next-node))

17
package/gluon-next-node/files/lib/gluon/ebtables/250-next-node Normal file
View File

@ -0,0 +1,17 @@
local site = require 'gluon.site_config'
local next_node = site.next_node
rule('FORWARD --logical-out br-client -o bat0 -d ' .. next_node.mac .. ' -j DROP')
rule('OUTPUT --logical-out br-client -o bat0 -d ' .. next_node.mac .. ' -j DROP')
rule('FORWARD --logical-out br-client -o bat0 -s ' .. next_node.mac .. ' -j DROP')
rule('OUTPUT --logical-out br-client -o bat0 -s ' .. next_node.mac .. ' -j DROP')
rule('FORWARD --logical-out br-client -o bat0 -p IPv4 --ip-destination ' .. next_node.ip4 .. ' -j DROP')
rule('OUTPUT --logical-out br-client -o bat0 -p IPv4 --ip-destination ' .. next_node.ip4 .. ' -j DROP')
rule('FORWARD --logical-out br-client -o bat0 -p IPv4 --ip-source ' .. next_node.ip4 .. ' -j DROP')
rule('OUTPUT --logical-out br-client -o bat0 -p IPv4 --ip-source ' .. next_node.ip4 .. ' -j DROP')
rule('FORWARD --logical-out br-client -o bat0 -p IPv6 --ip6-destination ' .. next_node.ip6 .. ' -j DROP')
rule('OUTPUT --logical-out br-client -o bat0 -p IPv6 --ip6-destination ' .. next_node.ip6 .. ' -j DROP')
rule('FORWARD --logical-out br-client -o bat0 -p IPv6 --ip6-source ' .. next_node.ip6 .. ' -j DROP')
rule('OUTPUT --logical-out br-client -o bat0 -p IPv6 --ip6-source ' .. next_node.ip6 .. ' -j DROP')

14
package/gluon-next-node/generate/lib/gluon/ebtables/250-next-node
View File

@ -1,14 +0,0 @@
rule 'FORWARD --logical-out br-client -o bat0 -d @next_node.mac@ -j DROP'
rule 'OUTPUT --logical-out br-client -o bat0 -d @next_node.mac@ -j DROP'
rule 'FORWARD --logical-out br-client -o bat0 -s @next_node.mac@ -j DROP'
rule 'OUTPUT --logical-out br-client -o bat0 -s @next_node.mac@ -j DROP'
rule 'FORWARD --logical-out br-client -o bat0 -p IPv4 --ip-destination @next_node.ip4@ -j DROP'
rule 'OUTPUT --logical-out br-client -o bat0 -p IPv4 --ip-destination @next_node.ip4@ -j DROP'
rule 'FORWARD --logical-out br-client -o bat0 -p IPv4 --ip-source @next_node.ip4@ -j DROP'
rule 'OUTPUT --logical-out br-client -o bat0 -p IPv4 --ip-source @next_node.ip4@ -j DROP'
rule 'FORWARD --logical-out br-client -o bat0 -p IPv6 --ip6-destination @next_node.ip6@ -j DROP'
rule 'OUTPUT --logical-out br-client -o bat0 -p IPv6 --ip6-destination @next_node.ip6@ -j DROP'
rule 'FORWARD --logical-out br-client -o bat0 -p IPv6 --ip6-source @next_node.ip6@ -j DROP'
rule 'OUTPUT --logical-out br-client -o bat0 -p IPv6 --ip6-source @next_node.ip6@ -j DROP'