Mirrors/hackacad
2
0
Fork 0
mirror of https://github.com/hackacad/bastille.git synced 2025-12-24 03:01:01 +01:00
Code Issues Packages Projects Releases Wiki Activity

add PATH; improve firewall

Browse Source
This commit is contained in:
Christer Edwards
2019-11-25 15:38:40 -07:00
parent e4c4d0df2e
commit b5c8330502
4 changed files with 12 additions and 10 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
usr/local/share/bastille/start.sh
View File

@@ -67,9 +67,9 @@ for _jail in ${JAILS}; do
echo -e "${COLOR_GREEN}[${_jail}]:${COLOR_RESET}"
jail -f "${bastille_jailsdir}/${_jail}/jail.conf" -c ${_jail}
## update ${bastille_jail_loopback}:network with added/removed addresses
## update table:jails in firewall with container address
if [ ! -z ${bastille_jail_loopback} ]; then
pfctl -f /etc/pf.conf
pfctl -t jails -T add $(jls -j ${_jail} ip4.addr)
fi
fi
echo

11
usr/local/share/bastille/stop.sh
View File

@@ -64,13 +64,14 @@ for _jail in ${JAILS}; do
## test if running
elif [ $(jls name | grep -w "${_jail}") ]; then
## remove ip4.addr from firewall table:jails
if [ ! -z ${bastille_jail_loopback} ]; then
pfctl -t jails -T delete $(jls -j ${_jail} ip4.addr)
fi
## stop container
echo -e "${COLOR_GREEN}[${_jail}]:${COLOR_RESET}"
jail -f "${bastille_jailsdir}/${_jail}/jail.conf" -r ${_jail}
## update ${bastille_jail_loopback}:network with added/removed addresses
if [ ! -z ${bastille_jail_loopback} ]; then
pfctl -f /etc/pf.conf
fi
fi
echo
done