Software: Apache/2.2.3 (CentOS). PHP/5.1.6 uname -a: Linux mx-ll-110-164-51-230.static.3bb.co.th 2.6.18-194.el5PAE #1 SMP Fri Apr 2 15:37:44 uid=48(apache) gid=48(apache) groups=48(apache) Safe-mode: OFF (not secure) /etc/rc.d/rc1.d/ drwxr-xr-x | |
| Viewing file: Select action/file-type: #!/bin/sh
#
# ip6tables Start ip6tables firewall
#
# chkconfig: 2345 08 92
# description: Starts, stops and saves ip6tables firewall
#
# config: /etc/sysconfig/ip6tables
# config: /etc/sysconfig/ip6tables-config
# Source function library.
. /etc/init.d/functions
IP6TABLES=ip6tables
IP6TABLES_DATA=/etc/sysconfig/$IP6TABLES
IP6TABLES_CONFIG=/etc/sysconfig/${IP6TABLES}-config
IPV=${IP6TABLES%tables} # ip for ipv4 | ip6 for ipv6
PROC_IP6TABLES_NAMES=/proc/net/${IPV}_tables_names
VAR_SUBSYS_IP6TABLES=/var/lock/subsys/$IP6TABLES
if [ ! -x /sbin/$IP6TABLES ]; then
echo -n $"/sbin/$IP6TABLES does not exist."; warning; echo
exit 0
fi
if lsmod 2>/dev/null | grep -q ipchains ; then
echo -n $"ipchains and $IP6TABLES can not be used together."; warning; echo
exit 1
fi
# Old or new modutils
/sbin/modprobe --version 2>&1 | grep -q module-init-tools \
&& NEW_MODUTILS=1 \
|| NEW_MODUTILS=0
# Default firewall configuration:
IP6TABLES_MODULES=""
IP6TABLES_MODULES_UNLOAD="yes"
IP6TABLES_SAVE_ON_STOP="no"
IP6TABLES_SAVE_ON_RESTART="no"
IP6TABLES_SAVE_COUNTER="no"
IP6TABLES_STATUS_NUMERIC="yes"
# Load firewall configuration.
[ -f "$IP6TABLES_CONFIG" ] && . "$IP6TABLES_CONFIG"
rmmod_r() {
# Unload module with all referring modules.
# At first all referring modules will be unloaded, then the module itself.
local mod=$1
local ret=0
local ref=
# Get referring modules.
# New modutils have another output format.
[ $NEW_MODUTILS = 1 ] \
&& ref=`lsmod | awk "/^${mod}/ { print \\\$4; }" | tr ',' ' '` \
|| ref=`lsmod | grep ^${mod} | cut -d "[" -s -f 2 | cut -d "]" -s -f 1`
# recursive call for all referring modules
for i in $ref; do
rmmod_r $i
let ret+=$?;
done
# Unload module.
# The extra test is for 2.6: The module might have autocleaned,
# after all referring modules are unloaded.
if grep -q "^${mod}" /proc/modules ; then
modprobe -r $mod > /dev/null 2>&1
let ret+=$?;
fi
return $ret
}
flush_n_delete() {
# Flush firewall rules and delete chains.
[ -e "$PROC_IP6TABLES_NAMES" ] || return 1
# Check if firewall is configured (has tables)
tables=`cat $PROC_IP6TABLES_NAMES 2>/dev/null`
[ -z "$tables" ] && return 1
echo -n $"Flushing firewall rules: "
ret=0
# For all tables
for i in $tables; do
# Flush firewall rules.
$IP6TABLES -t $i -F;
let ret+=$?;
# Delete firewall chains.
$IP6TABLES -t $i -X;
let ret+=$?;
# Set counter to zero.
$IP6TABLES -t $i -Z;
let ret+=$?;
done
[ $ret -eq 0 ] && success || failure
echo
return $ret
}
set_policy() {
# Set policy for configured tables.
policy=$1
# Check if iptable module is loaded
[ ! -e "$PROC_IP6TABLES_NAMES" ] && return 1
# Check if firewall is configured (has tables)
tables=`cat $PROC_IP6TABLES_NAMES 2>/dev/null`
[ -z "$tables" ] && return 1
echo -n $"Setting chains to policy $policy: "
ret=0
for i in $tables; do
echo -n "$i "
case "$i" in
raw)
$IP6TABLES -t raw -P PREROUTING $policy \
&& $IP6TABLES -t raw -P OUTPUT $policy \
|| let ret+=1
;;
filter)
$IP6TABLES -t filter -P INPUT $policy \
&& $IP6TABLES -t filter -P OUTPUT $policy \
&& $IP6TABLES -t filter -P FORWARD $policy \
|| let ret+=1
;;
nat)
$IP6TABLES -t nat -P PREROUTING $policy \
&& $IP6TABLES -t nat -P POSTROUTING $policy \
&& $IP6TABLES -t nat -P OUTPUT $policy \
|| let ret+=1
;;
mangle)
$IP6TABLES -t mangle -P PREROUTING $policy \
&& $IP6TABLES -t mangle -P POSTROUTING $policy \
&& $IP6TABLES -t mangle -P INPUT $policy \
&& $IP6TABLES -t mangle -P OUTPUT $policy \
&& $IP6TABLES -t mangle -P FORWARD $policy \
|| let ret+=1
;;
*)
let ret+=1
;;
esac
done
[ $ret -eq 0 ] && success || failure
echo
return $ret
}
start() {
# Do not start if there is no config file.
[ -f "$IP6TABLES_DATA" ] || return 1
echo -n $"Applying $IP6TABLES firewall rules: "
OPT=
[ "x$IP6TABLES_SAVE_COUNTER" = "xyes" ] && OPT="-c"
$IP6TABLES-restore $OPT $IP6TABLES_DATA
if [ $? -eq 0 ]; then
success; echo
else
failure; echo; return 1
fi
# Load additional modules (helpers)
if [ -n "$IP6TABLES_MODULES" ]; then
echo -n $"Loading additional $IP6TABLES modules: "
ret=0
for mod in $IP6TABLES_MODULES; do
echo -n "$mod "
modprobe $mod > /dev/null 2>&1
let ret+=$?;
done
[ $ret -eq 0 ] && success || failure
echo
fi
touch $VAR_SUBSYS_IP6TABLES
return $ret
}
stop() {
# Do not stop if ip6tables module is not loaded.
[ -e "$PROC_IP6TABLES_NAMES" ] || return 1
flush_n_delete
set_policy ACCEPT
if [ "x$IP6TABLES_MODULES_UNLOAD" = "xyes" ]; then
echo -n $"Unloading $IP6TABLES modules: "
ret=0
rmmod_r ${IPV}_tables
let ret+=$?;
rmmod_r ${IPV}_conntrack
let ret+=$?;
[ $ret -eq 0 ] && success || failure
echo
fi
rm -f $VAR_SUBSYS_IP6TABLES
return $ret
}
save() {
# Check if iptable module is loaded
[ ! -e "$PROC_IP6TABLES_NAMES" ] && return 1
# Check if firewall is configured (has tables)
tables=`cat $PROC_IP6TABLES_NAMES 2>/dev/null`
[ -z "$tables" ] && return 1
echo -n $"Saving firewall rules to $IP6TABLES_DATA: "
OPT=
[ "x$IP6TABLES_SAVE_COUNTER" = "xyes" ] && OPT="-c"
ret=0
TMP_FILE=`/bin/mktemp -q /tmp/$IP6TABLES.XXXXXX` \
&& chmod 600 "$TMP_FILE" \
&& $IP6TABLES-save $OPT > $TMP_FILE 2>/dev/null \
&& size=`stat -c '%s' $TMP_FILE` && [ $size -gt 0 ] \
|| ret=1
if [ $ret -eq 0 ]; then
if [ -e $IP6TABLES_DATA ]; then
cp -f $IP6TABLES_DATA $IP6TABLES_DATA.save \
&& chmod 600 $IP6TABLES_DATA.save \
|| ret=1
fi
if [ $ret -eq 0 ]; then
cp -f $TMP_FILE $IP6TABLES_DATA \
&& chmod 600 $IP6TABLES_DATA \
|| ret=1
fi
fi
[ $ret -eq 0 ] && success || failure
echo
rm -f $TMP_FILE
return $ret
}
status() {
tables=`cat $PROC_IP6TABLES_NAMES 2>/dev/null`
# Do not print status if lockfile is missing and ip6tables modules are not
# loaded.
# Check if iptable module is loaded
if [ ! -f "$VAR_SUBSYS_IP6TABLES" -a -z "$tables" ]; then
echo $"Firewall is stopped."
return 1
fi
# Check if firewall is configured (has tables)
if [ ! -e "$PROC_IP6TABLES_NAMES" ]; then
echo $"Firewall is not configured. "
return 1
fi
if [ -z "$tables" ]; then
echo $"Firewall is not configured. "
return 1
fi
NUM=
[ "x$IP6TABLES_STATUS_NUMERIC" = "xyes" ] && NUM="-n"
VERBOSE=
[ "x$IP6TABLES_STATUS_VERBOSE" = "xyes" ] && VERBOSE="--verbose"
COUNT=
[ "x$IP6TABLES_STATUS_LINENUMBERS" = "xyes" ] && COUNT="--line-numbers"
for table in $tables; do
echo $"Table: $table"
$IP6TABLES -t $table --list $NUM $VERBOSE $COUNT && echo
done
return 0
}
restart() {
[ "x$IP6TABLES_SAVE_ON_RESTART" = "xyes" ] && save
stop
start
}
case "$1" in
start)
stop
start
RETVAL=$?
;;
stop)
[ "x$IP6TABLES_SAVE_ON_STOP" = "xyes" ] && save
stop
RETVAL=$?
;;
restart)
restart
RETVAL=$?
;;
condrestart)
[ -e "$VAR_SUBSYS_IP6TABLES" ] && restart
;;
status)
status
RETVAL=$?
;;
panic)
flush_n_delete
set_policy DROP
RETVAL=$?
;;
save)
save
RETVAL=$?
;;
*)
echo $"Usage: $0 {start|stop|restart|condrestart|status|panic|save}"
exit 1
;;
esac
exit $RETVAL
|
:: Command execute :: | |
:: Shadow's tricks :D :: | |
Useful Commands
|
|
:: Preddy's tricks :D :: | |
Php Safe-Mode Bypass (Read Files)
|
|
--[ c999shell v. 1.0 pre-release build #16 Modded by Shadow & Preddy | RootShell Security Group | r57 c99 shell | Generation time: 0.0056 ]-- |