Mirrors/hackacad
2
0
Fork 0
mirror of https://github.com/hackacad/bastille.git synced 2025-12-22 02:00:08 +01:00
Code Issues Packages Projects Releases Wiki Activity

setup now references bastille_pf_conf variable

Browse Source
This commit is contained in:
Christer Edwards
2023-07-14 21:07:36 -06:00
parent 15f2ea8574
commit e15a481e46
1 changed files with 5 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

10
usr/local/share/bastille/setup.sh
View File

@@ -1,6 +1,6 @@
#!/bin/sh #!/bin/sh
# #
# Copyright (c) 2018-2022, Christer Edwards <christer.edwards@gmail.com> # Copyright (c) 2018-2023, Christer Edwards <christer.edwards@gmail.com>
# All rights reserved. # All rights reserved.
# #
# Redistribution and use in source and binary forms, with or without # Redistribution and use in source and binary forms, with or without
@@ -60,14 +60,14 @@ configure_vnet() {
# Configure pf firewall # Configure pf firewall
configure_pf() { configure_pf() {
if [ ! -f "/etc/pf.conf" ]; then if [ ! -f "${bastille_pf_conf}" ]; then
local ext_if local ext_if
ext_if=$(netstat -rn | awk '/default/ {print $4}' | head -n1) ext_if=$(netstat -rn | awk '/default/ {print $4}' | head -n1)
info "Determined default network interface: ($ext_if)" info "Determined default network interface: ($ext_if)"
info "/etc/pf.conf does not exist: creating..." info "${bastille_pf_conf} does not exist: creating..."
## creating pf.conf ## creating pf.conf
cat << EOF > /etc/pf.conf cat << EOF > ${bastille_pf_conf}
## generated by bastille setup ## generated by bastille setup
ext_if="$ext_if" ext_if="$ext_if"
@@ -86,7 +86,7 @@ pass in inet proto tcp from any to any port ssh flags S/SA keep state
EOF EOF
sysrc pf_enable=YES sysrc pf_enable=YES
else else
error_exit "/etc/pf.conf already exists. Exiting." error_exit "${bastille_pf_conf} already exists. Exiting."
fi fi
} }