3 # Copyright 2013-2016 by Jan Vales <jan@jvales.net> (Someone <someone@somenet.org>)
4 # send me your changes. credit author(s). do not publish. share alike.
5 # to be done: find a suitable licence text.
7 # Script to create xtable snapshots.
8 # Most likely no longer really useful as of 2016.
11 # Snapshot current xtable ruleset every 10 min.
12 #*/10 * * * * /root/network/xtable_snapshot.sh "CRON: UNKNOWN CHANGES" > /dev/null 2>&1
# Make everything under the current directory private to its owner: group and
# other lose all access, the owner keeps read/write only.
# NOTE(review): "u=rw" also clears the owner's execute bit on every directory
# and file below ".". root can still traverse the directories, but a script
# stored here can no longer be run directly (the cron entry in the header calls
# the script by path). "u=rwX,go-rwx" would keep existing execute bits - confirm
# which directory this runs in; the preceding lines are not shown.
17 chmod -R u=rw,go-rwx .
# The snapshot directory has to exist already; the script does not create it.
# NOTE(review): the test checks "xtable_rules" but the message names
# "xtable_current_rules" - confirm which name is intended. The rest of this
# branch falls on lines that are not part of this listing.
20 if [ ! -d "xtable_rules" ]; then
21 echo "*** FAIL: cannot cd xtable_current_rules"
# First run: there is no git repository in this directory yet, so one is
# bootstrapped (the command that creates it is on a line not shown here).
27 if [ ! -d ".git" ]; then
28 echo "*** WARN: git repo not found. creating..."
# Empty root commit so that later snapshot commits always have a parent.
30 git commit --allow-empty -m "Initial commit"
# .gitignore: ignore everything ("*") except "*.current.save", so temp files
# and anything else dropped into this directory are never committed.
# NOTE(review): "echo -e" relies on the shell's echo interpreting -e and "\n";
# the shebang is not visible here. printf '%s\n' would be portable.
33 echo -e "# only store current saves\n*\n!*.current.save" > .gitignore
# -f is required because the "*" pattern above also ignores .gitignore itself.
35 git add -f -- .gitignore
36 git commit -m ".gitignore" -- .gitignore
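# Dump the live ruleset to a scratch file first, so that a failing
# iptables-save is noticed instead of committing an empty or partial snapshot
# over the last good one.
if ! /sbin/iptables-save > iptables.rules.current.save.raw.tmp; then
  echo "*** FAIL: iptables-save failed, keeping previous snapshot"
  rm -f -- iptables.rules.current.save.raw.tmp
  exit 1
fi

# Build the snapshot: a recovery hint, the normalised ruleset, the hint again.
{
  echo '# recovery with'
  echo '# /root/network/load_xtables.sh'
  echo ''
  # Drop only iptables-save's own comment lines, which start with '#' and
  # carry timestamps. Matching '#' anywhere in the line would also drop rules
  # whose --comment text contains '#', and the snapshot would then silently
  # differ from the running firewall.
  # The sed step rewrites the [packets:bytes] counters on chain-policy lines
  # (":CHAIN POLICY [n:m]") to [0:0], so traffic alone never produces a diff.
  grep -v '^#' iptables.rules.current.save.raw.tmp \
    | sed 's/\(\:[^\[]*\)\[[0-9]*\:[0-9]*\]/\1[0:0]/'
  echo ''
  echo '# recovery with'
  echo '# /root/network/load_xtables.sh'
} > iptables.rules.current.save.tmp

# Overwrite the tracked file's contents in place (the existing file and its
# mode are reused) rather than replacing it with the temp file.
cat iptables.rules.current.save.tmp > iptables.rules.current.save

# "--" keeps a file name that starts with '-' from being read as an option.
rm -- *.current.save.tmp *.current.save.*.tmp
git add -f -- *.current.save
# $1 is the commit message supplied by the caller (the cron entry passes
# "CRON: UNKNOWN CHANGES"); git aborts the commit if it is empty.
git commit -m "$1" -- *.current.save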