verita84/firewall
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

fix

Browse Source
This commit is contained in:
Your Name 2024-09-25 14:49:48 -06:00
parent 9866774da8
commit ba9d56c88e
2 changed files with 3 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
firewall.sh
View File

@ -271,8 +271,6 @@ stop() {
$NFT insert rule filter input iif lo accept $NFT insert rule filter input iif lo accept
$NFT -f /opt/firewall/ipv6-filter.nft $NFT -f /opt/firewall/ipv6-filter.nft
# $NFT add rule ip6 filter input icmpv6 type nd-neighbor-solicit accept
# $NFT add rule ip6 filter input icmpv6 type nd-router-advert accept
message "Stopping Firewall" message "Stopping Firewall"
} }

9
modules/module-rate-limit-web.sh
View File

@ -1,12 +1,9 @@
#!/bin/bash #!/bin/bash
NFT='/usr/bin/nft' NFT='/usr/bin/nft'
HANDLE=($($NFT -n -a list ruleset | grep "ct state 0x8 tcp dport" | grep -E '80|443' | grep handle | cut -d '#' -f2 | cut -d ' ' -f3)) HANDLE=($($NFT -a -n list ruleset | grep "ct state 0x8 tcp dport" | grep -E '80|443' | grep handle | cut -d '#' -f2 | cut -d ' ' -f3))
for i in "${HANDLE[@]}"; do for i in "${HANDLE[@]}"; do
if [[ "$i" == *":"* ]]; then $NFT delete rule ip6 filter input handle $i &>/dev/null
$NFT delete rule ip6 filter input handle $i &>/dev/null $NFT delete rule ip filter input handle $i &>/dev/null
else
$NFT delete rule filter input handle $i &>/dev/null
fi
done done
echo "Setting Rate Limit to : $1" echo "Setting Rate Limit to : $1"