1#!/bin/bash 2# 3# init script for the Ethernet Bridge filter tables 4# 5# Written by Dag Wieers <dag@wieers.com> 6# Modified by Rok Papez <rok.papez@arnes.si> 7# Bart De Schuymer <bdschuym@pandora.be> 8# 9# chkconfig: - 15 85 10# description: Ethernet Bridge filtering tables 11# 12# config: __SYSCONFIG__/ebtables (text) 13# __SYSCONFIG__/ebtables.<table> (binary) 14 15source /etc/init.d/functions 16source /etc/sysconfig/network 17 18# Check that networking is up. 19[ ${NETWORKING} = "no" ] && exit 0 20 21[ -x __EXEC_PATH__/ebtables ] || exit 1 22[ -x __EXEC_PATH__/ebtables-save ] || exit 1 23[ -x __EXEC_PATH__/ebtables-restore ] || exit 1 24 25RETVAL=0 26prog="ebtables" 27desc="Ethernet bridge filtering" 28umask 0077 29 30#default configuration 31EBTABLES_TEXT_FORMAT="yes" 32EBTABLES_BINARY_FORMAT="yes" 33EBTABLES_MODULES_UNLOAD="yes" 34EBTABLES_SAVE_ON_STOP="no" 35EBTABLES_SAVE_ON_RESTART="no" 36EBTABLES_SAVE_COUNTER="no" 37 38config=__SYSCONFIG__/$prog-config 39[ -f "$config" ] && . "$config" 40 41start() { 42 echo -n $"Starting $desc ($prog): " 43 if [ "$EBTABLES_BINARY_FORMAT" = "yes" ]; then 44 for table in $(ls __SYSCONFIG__/ebtables.* 2>/dev/null | sed -e 's/.*ebtables\.//' -e '/save/d' ); do 45 __EXEC_PATH__/ebtables -t $table --atomic-file __SYSCONFIG__/ebtables.$table --atomic-commit || RETVAL=1 46 done 47 else 48 __EXEC_PATH__/ebtables-restore < /etc/sysconfig/ebtables || RETVAL=1 49 fi 50 51 if [ $RETVAL -eq 0 ]; then 52 success "$prog startup" 53 rm -f /var/lock/subsys/$prog 54 else 55 failure "$prog startup" 56 fi 57 echo 58} 59 60stop() { 61 echo -n $"Stopping $desc ($prog): " 62 for table in $(grep '^ebtable_' /proc/modules | sed -e 's/ebtable_\([^ ]*\).*/\1/'); do 63 __EXEC_PATH__/ebtables -t $table --init-table || RETVAL=1 64 done 65 66 if [ "$EBTABLES_MODULES_UNLOAD" = "yes" ]; then 67 for mod in $(grep -E '^(ebt|ebtable)_' /proc/modules | cut -f1 -d' ') ebtables; do 68 rmmod $mod 2> /dev/null 69 done 70 fi 71 72 if [ $RETVAL -eq 0 ]; then 73 success "$prog shutdown" 74 rm -f /var/lock/subsys/$prog 75 else 76 failure "$prog shutdown" 77 fi 78 echo 79} 80 81restart() { 82 stop 83 start 84} 85 86save() { 87 echo -n $"Saving $desc ($prog): " 88 if [ "$EBTABLES_TEXT_FORMAT" = "yes" ]; then 89 if [ -e __SYSCONFIG__/ebtables ]; then 90 chmod 0600 __SYSCONFIG__/ebtables 91 mv -f __SYSCONFIG__/ebtables __SYSCONFIG__/ebtables.save 92 fi 93 __EXEC_PATH__/ebtables-save > __SYSCONFIG__/ebtables || RETVAL=1 94 fi 95 if [ "$EBTABLES_BINARY_FORMAT" = "yes" ]; then 96 rm -f __SYSCONFIG__/ebtables.*.save 97 for oldtable in $(ls __SYSCONFIG__/ebtables.* 2>/dev/null | grep -vF 'ebtables.save'); do 98 chmod 0600 $oldtable 99 mv -f $oldtable $oldtable.save 100 done 101 for table in $(grep '^ebtable_' /proc/modules | sed -e 's/ebtable_\([^ ]*\).*/\1/'); do 102 __EXEC_PATH__/ebtables -t $table --atomic-file __SYSCONFIG__/ebtables.$table --atomic-save || RETVAL=1 103 if [ "$EBTABLES_SAVE_COUNTER" = "no" ]; then 104 __EXEC_PATH__/ebtables -t $table --atomic-file __SYSCONFIG__/ebtables.$table -Z || RETVAL=1 105 fi 106 done 107 fi 108 109 if [ $RETVAL -eq 0 ]; then 110 success "$prog saved" 111 else 112 failure "$prog saved" 113 fi 114 echo 115} 116 117case "$1" in 118 start) 119 start 120 ;; 121 stop) 122 [ "$EBTABLES_SAVE_ON_STOP" = "yes" ] && save 123 stop 124 ;; 125 restart|reload) 126 [ "$EBTABLES_SAVE_ON_RESTART" = "yes" ] && save 127 restart 128 ;; 129 condrestart) 130 [ -e /var/lock/subsys/$prog ] && restart 131 RETVAL=$? 132 ;; 133 save) 134 save 135 ;; 136 status) 137 __EXEC_PATH__/ebtables-save 138 RETVAL=$? 139 ;; 140 *) 141 echo $"Usage $0 {start|stop|restart|condrestart|save|status}" 142 RETVAL=1 143esac 144 145exit $RETVAL 146