|
@@ -11,6 +11,12 @@ cd "$(dirname "$0")"
|
|
|
#send a message
|
|
#send a message
|
|
|
verbose "Configuring IPTables"
|
|
verbose "Configuring IPTables"
|
|
|
|
|
|
|
|
|
|
+#defaults to nftables by default this enables iptables
|
|
|
|
|
+if [ ."$os_codename" = ."buster" ]; then
|
|
|
|
|
+ update-alternatives --set iptables /usr/sbin/iptables-legacy
|
|
|
|
|
+ update-alternatives --set ip6tables /usr/sbin/ip6tables-legacy
|
|
|
|
|
+fi
|
|
|
|
|
+
|
|
|
#run iptables commands
|
|
#run iptables commands
|
|
|
iptables -A INPUT -i lo -j ACCEPT
|
|
iptables -A INPUT -i lo -j ACCEPT
|
|
|
iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
|
|
iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
|
|
@@ -44,12 +50,6 @@ iptables -P INPUT DROP
|
|
|
iptables -P FORWARD DROP
|
|
iptables -P FORWARD DROP
|
|
|
iptables -P OUTPUT ACCEPT
|
|
iptables -P OUTPUT ACCEPT
|
|
|
|
|
|
|
|
-# Debian 10 - defaults to nftables by default this enables iptables
|
|
|
|
|
-if [ ."$os_codename" = ."buster" ]; then
|
|
|
|
|
- update-alternatives --set iptables /usr/sbin/iptables-legacy
|
|
|
|
|
- update-alternatives --set ip6tables /usr/sbin/ip6tables-legacy
|
|
|
|
|
-fi
|
|
|
|
|
-
|
|
|
|
|
#answer the questions for iptables persistent
|
|
#answer the questions for iptables persistent
|
|
|
echo iptables-persistent iptables-persistent/autosave_v4 boolean true | debconf-set-selections
|
|
echo iptables-persistent iptables-persistent/autosave_v4 boolean true | debconf-set-selections
|
|
|
echo iptables-persistent iptables-persistent/autosave_v6 boolean true | debconf-set-selections
|
|
echo iptables-persistent iptables-persistent/autosave_v6 boolean true | debconf-set-selections
|
FusionPBX