lixonet-ee/tinc/tinc-down.tmpl

15 lines
827 B
Cheetah
Raw Normal View History

#!/bin/sh
{{ if len "${ip_aliases:-}" }}{{ range "$ip_aliases" | split "," }}iptables -t nat -D PREROUTING -d {{ . }} -i \$INTERFACE -j DNAT --to-destination ${tinc_peer_address}
2020-06-26 13:17:16 -06:00
iptables -t nat -D PREROUTING -d {{ . }} -i eth0 -j DNAT --to-destination ${tinc_peer_address}
{{ end }}{{ end }}
2020-06-09 16:26:25 +00:00
# Disable IPv4 kernel routing/forwarding for this network
iptables -D FORWARD -o \$INTERFACE -d ${network_address}/${global_prefix:-16} -j ACCEPT
2020-06-26 13:17:16 -06:00
{{ if len "${bgp_routes:-}" }}{{ range "$bgp_routes" | split "," }}iptables -D FORWARD -o eth0 -d {{.}} -j ACCEPT
2020-06-09 16:26:25 +00:00
{{ end }}{{ end }}
2020-06-12 23:13:06 +00:00
# Prevent spoofing attacks
2020-06-12 23:17:41 +00:00
iptables -D FORWARD -i \$INTERFACE ! -s ${network_address}/${global_prefix:-16} -j DROP
2020-06-12 23:13:06 +00:00
{{ if len "${bgp_routes:-}" }}{{ range "$bgp_routes" | split "," }}iptables -D FORWARD -i \$INTERFACE -s {{.}} -j DROP
{{ end }}{{ end }}