iptables rules
Author Message
Snooops Offline
Post: #1
iptables rules
Hi,
ich habe mir ein paar iptables-Regeln erstellt, um meinen Server dicht zu machen. Nun benötigt ispCP aber eigene Regeln für die Traffic-Messung. Gibt es irgendwo das Script, um sich die Regeln zu kopieren? Ich möchte die ispCP-Regeln natürlich erhalten.
Gruß
Snooops
03-18-2010 11:35 PM
BeNe Offline
Post: #2
RE: iptables rules
Ja in:
Code:
# /etc/init.d/ispcp_network
Inhalt:
Code:
#!/bin/sh

# ispCP ω (OMEGA) a Virtual Hosting Control Panel
# Copyright (C) 2006-2010 by isp Control Panel - http://ispcp.net
#
# Version: $ID$
#
# The contents of this file are subject to the Mozilla Public License
# Version 1.1 (the "License"); you may not use this file except in
# compliance with the License. You may obtain a copy of the License at
# http://www.mozilla.org/MPL/
#
# Software distributed under the License is distributed on an "AS IS"
# basis, WITHOUT WARRANTY OF ANY KIND, either express or implied. See the
# License for the specific language governing rights and limitations
# under the License.
#
# The Original Code is "ispCP - ISP Control Panel".
#
# The Initial Developer of the Original Code is ispCP Team.
# Portions created by the ispCP Team are Copyright (C) 2006-2010 by
# isp Control Panel. All Rights Reserved.
#
# The ispCP ω Home Page is:
#
#    http://isp-control.net
#
### BEGIN INIT INFO
# Provides:             ispcp_network
# Required-Start:       $network $local_fs $remote_fs
# Required-Stop:
# Should-Stop:          $local_fs
# Default-Start:        2 3 4 5
# Default-Stop:         0 1 6
# Short-Description:    ispCP Network Traffic Logger
#
### END INIT INFO
# Note: do not modify any of these vars here, use /etc/default/$NAME instead

PATH=/sbin:/bin:/usr/sbin:/usr/bin
NAME=ispcp_network
DESC="ispCP Network Traffic Logger"
# Presence of this file marks the accounting rules as loaded
# (created by add_rules, removed by remove_rules).
LFILE="/var/run/${NAME}"
IPTABLES=/sbin/iptables
# Engine tool invoked with "start"/"stop" by add_interfaces/remove_interfaces.
ENGINEPATH="/var/www/ispcp/engine"
ENGINETOOLSPATH="${ENGINEPATH}/tools"
NETWORKCARDMANAGER="ispcp-net-interfaces-mngr"
LOGDIR=/var/log/ispcp
LOGFILE="${LOGDIR}/${NAME}.log"
# Seconds to pause between stop and start on restart/force-reload.
DIETIME=3

# Set START=0 in /etc/default/$NAME to keep the service from starting.
START=1

# Incoming service ports whose traffic is accounted. Extend this list for
# additional services (ftp, proxy, http, ...).
#   HTTP(S):  80 443
#   POP3(S):  110 995
#   IMAP4(S): 143 993
#   MAIL(S):  25 465 587
SERVICES="80 443 110 143 25 465 587 995 993"
# Outgoing destination ports whose traffic is accounted as well (mail, ...).
#   MAIL(S): 25 465 587
SERVICES_OUT="25 465 587"

# Debian LSB fallbacks (replaced when /lib/lsb/init-functions is sourced below).
#
# log_daemon_msg MESSAGE [NAME]
#   Prints "MESSAGE: NAME", or just "MESSAGE" when NAME is empty or absent,
#   through log_success_msg.
log_daemon_msg() {
        local text="${1:-}"
        [ -n "${2:-}" ] && text="${text}: ${2:-}"
        log_success_msg "$text"
}

# log_end_msg STATUS
#   Fallback that accepts the exit status of the preceding action and prints
#   nothing; the init-functions version (when available) reports it instead.
log_end_msg() {
        local status
        status=$1
        : "$status"
}

# log_progress_msg WORD...
#   Fallback that forwards its arguments to log_success_msg, with the first
#   word prefixed by a space so it is set off from the daemon message.
log_progress_msg() {
        set -- " $@"
        log_success_msg "$@"
}

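# Prefer the distribution's LSB helpers over the fallbacks defined above.
# If not present (e.g. *BSD) make sure to provide compatible methods via
# /etc/default/$NAME.
if [ -f /lib/lsb/init-functions ]; then
        . /lib/lsb/init-functions
fi

# Read the per-host config file if present; it may override START, SERVICES,
# SERVICES_OUT and the other variables above.
if [ -r "/etc/default/${NAME}" ]; then
        . "/etc/default/${NAME}"
fi

# START may have been set to an empty value by /etc/default/$NAME; an
# unquoted empty expansion would turn this into "[ -eq 0 ]", a test syntax
# error. Default to 1 (enabled) so only an explicit START=0 disables startup.
if [ "${START:-1}" -eq 0 ]; then
        log_warning_msg "Not starting $DESC: edit /etc/default/$NAME."
        exit 1
fi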

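#######################################
# Create the ISPCP_INPUT/ISPCP_OUTPUT chains and hook them in front of
# INPUT/OUTPUT. The per-port rules carry no target: they only count
# packets/bytes (presumably read back by the ispCP traffic logger).
# Globals:  IPTABLES, SERVICES, SERVICES_OUT, LOGFILE (read); LFILE (created)
# Outputs:  iptables diagnostics are appended to $LOGFILE
#######################################
add_rules() {
        local port

        ${IPTABLES} -N ISPCP_INPUT  2>> "$LOGFILE"
        ${IPTABLES} -N ISPCP_OUTPUT 2>> "$LOGFILE"

        # Insert (-I) rather than append so accounting happens before any other
        # INPUT/OUTPUT rule (e.g. a firewall DROP) and every packet is counted.
        ${IPTABLES} -I INPUT  -j ISPCP_INPUT  2>> "$LOGFILE"
        ${IPTABLES} -I OUTPUT -j ISPCP_OUTPUT 2>> "$LOGFILE"

        # Services this host offers: count traffic to the port and the replies
        # sent from it.
        for port in $SERVICES; do
                ${IPTABLES} -I ISPCP_INPUT  -p tcp --dport "$port" 2>> "$LOGFILE"
                ${IPTABLES} -I ISPCP_OUTPUT -p tcp --sport "$port" 2>> "$LOGFILE"
        done

        # Services this host connects to (outgoing mail): mirror image of above.
        for port in $SERVICES_OUT; do
                ${IPTABLES} -I ISPCP_INPUT  -p tcp --sport "$port" 2>> "$LOGFILE"
                ${IPTABLES} -I ISPCP_OUTPUT -p tcp --dport "$port" 2>> "$LOGFILE"
        done

        # Explicit return once done; log failures like the rules above do.
        ${IPTABLES} -A ISPCP_INPUT  -j RETURN 2>> "$LOGFILE"
        ${IPTABLES} -A ISPCP_OUTPUT -j RETURN 2>> "$LOGFILE"

        # Touch lock file (quoted so the path is passed as a single word).
        touch -- "$LFILE"
}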

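#######################################
# Unhook and delete the chains created by add_rules. A chain can only be
# deleted (-X) once nothing jumps to it and it is empty, hence the order:
# detach the jump, flush, then delete.
# Globals:  IPTABLES, LOGFILE (read); LFILE (removed)
# Outputs:  iptables diagnostics are appended to $LOGFILE
#######################################
remove_rules() {
        ${IPTABLES} -D INPUT  -j ISPCP_INPUT  2>> "$LOGFILE"
        ${IPTABLES} -D OUTPUT -j ISPCP_OUTPUT 2>> "$LOGFILE"
        ${IPTABLES} -F ISPCP_INPUT  2>> "$LOGFILE"
        ${IPTABLES} -F ISPCP_OUTPUT 2>> "$LOGFILE"
        ${IPTABLES} -X ISPCP_INPUT  2>> "$LOGFILE"
        ${IPTABLES} -X ISPCP_OUTPUT 2>> "$LOGFILE"

        # Remove lock file; -f keeps an already-missing file from producing an
        # error on the console, quoting keeps the path a single word.
        rm -f -- "$LFILE"
}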

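#######################################
# Run the engine's interface manager with "start".
# Globals:  ENGINETOOLSPATH, NETWORKCARDMANAGER, LOGDIR (read)
# Outputs:  the tool's stdout and stderr overwrite
#           $LOGDIR/$NETWORKCARDMANAGER.log
# NOTE(review): the tool lives under /var/www and is executed as root by this
# init script; confirm it is root-owned and not writable by the web user.
#######################################
add_interfaces() {
        # "&>" is a bash extension. Under #!/bin/sh (dash) "cmd &>file" parses
        # as "cmd &" followed by a bare redirection: the tool is backgrounded
        # and its output is not captured. Use the portable form instead.
        "${ENGINETOOLSPATH}/${NETWORKCARDMANAGER}" start \
                >"${LOGDIR}/${NETWORKCARDMANAGER}.log" 2>&1
}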

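#######################################
# Run the engine's interface manager with "stop".
# Globals:  ENGINETOOLSPATH, NETWORKCARDMANAGER, LOGDIR (read)
# Outputs:  the tool's stdout and stderr overwrite
#           $LOGDIR/$NETWORKCARDMANAGER.log (the same file add_interfaces
#           writes, so a stop replaces the start log)
# NOTE(review): the tool lives under /var/www and is executed as root by this
# init script; confirm it is root-owned and not writable by the web user.
#######################################
remove_interfaces() {
        # "&>" is a bash extension. Under #!/bin/sh (dash) "cmd &>file" parses
        # as "cmd &" followed by a bare redirection: the tool is backgrounded
        # and its output is not captured. Use the portable form instead.
        "${ENGINETOOLSPATH}/${NETWORKCARDMANAGER}" stop \
                >"${LOGDIR}/${NETWORKCARDMANAGER}.log" 2>&1
}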

# Action dispatch. The only state consulted is whether $LFILE exists: it is
# created by add_rules and removed by remove_rules, so its presence means
# "rules loaded".
case "$1" in
  start)
        log_daemon_msg "Starting $DESC" "$NAME"

        if [ -e "$LFILE" ]; then
                echo ""
                log_warning_msg "${NAME} is already started" >&2
        else
                # Interfaces first, then rules (stop does the reverse).
                add_interfaces
                add_rules
        fi

        # $? is the status of the if/else above, i.e. of its last command.
        # The fallback log_end_msg ignores it; the init-functions one reports it.
        log_end_msg $?
        ;;
  stop)
        log_daemon_msg "Stopping $DESC" "$NAME"
        if [ ! -e "$LFILE" ]; then
                echo ""
                log_warning_msg "${NAME} is already stopped" >&2
        else
                # Rules first, then interfaces (reverse of start).
                remove_rules
                remove_interfaces
        fi

        log_end_msg $?
        ;;
  restart|force-reload)
        log_daemon_msg "Stopping $DESC" "$NAME"

        if [ ! -e "$LFILE" ]; then
                echo ""
                log_warning_msg "${NAME} is already stopped" >&2
        else
                remove_rules
                remove_interfaces
                log_end_msg $?
                # Give the interface manager DIETIME seconds to settle before
                # bringing everything back up.
                [ -n "$DIETIME" ] && sleep "$DIETIME"
        fi

        log_daemon_msg "Starting $DESC" "$NAME"

        # Unconditional: unlike "start", no check for an existing $LFILE here.
        add_interfaces
        add_rules

        log_end_msg $?

        ;;
  status)
        log_daemon_msg "Checking status of $DESC" "$NAME"

        # NOTE(review): reports the state in text only and still exits 0 below;
        # LSB-conformant init scripts return 3 for "stopped".
        if [ ! -e "$LFILE" ]; then
           log_progress_msg "stopped"
        else
           log_progress_msg "started"
        fi

        echo ""
        ;;
  *)
        echo "Usage: /etc/init.d/$NAME {start|stop|restart|force-reload|status}" >&2
        exit 1
        ;;
esac

# Normal completion for every handled action; only the usage error above and
# the START=0 guard earlier in the script exit non-zero.
exit 0

Greez BeNe
03-19-2010 12:25 AM
ZiomekPL Offline
Post: #3
RE: iptables rules
"exit 0"
this line prevents the script from running, and should be removed
09-21-2010 08:29 PM
MasterTH Offline
Post: #4
RE: iptables rules
hmm... du sollst das Skript ja nicht ausführen; es enthält die Regeln, die du haben wolltest.
09-21-2010 08:45 PM
nuke3d Offline
Post: #5
RE: iptables rules
(09-21-2010 08:29 PM)ZiomekPL Wrote:  "exit 0"
this line prevents the script from running, and should be removed
no it doesn't.
(This post was last modified: 09-21-2010 08:53 PM by nuke3d.)
09-21-2010 08:52 PM