Synnefo » snf-network

#!/bin/bash

source /etc/default/snf-network

source /usr/lib/snf-network/common.sh

# Useful environment vars

# INTERFACE, INSTANCE, IP, NETWORK_TAGS, MODE, TABLE

function reset_extra (){

  iptables -D FORWARD -i $INTERFACE -p tcp --dport 25 -j ACCEPT

  ip6tables -D FORWARD -i $INTERFACE -p tcp --dport 25 -j ACCEPT

}

# Reset rules that might have been applied by a previous ifup-extra

try reset_extra

ifprefixindex="synnefo:network:$INTERFACE_INDEX:"

ifprefixname="synnefo:network:$INTERFACE_NAME:"

ifprefixuuid="synnefo:network:$INTERFACE_UUID:"

for tag in $TAGS; do

  tag=${tag#$ifprefixindex}

  tag=${tag#$ifprefixname}

  tag=${tag#$ifprefixuuid}

  case $tag in

    mail)

    # Here add iptalbes rule..

    iptables -I FORWARD -i $INTERFACE -p tcp --dport 25 -j ACCEPT

    ip6tables -I FORWARD -i $INTERFACE -p tcp --dport 25 -j ACCEPT

  ;;

  esac

done

exit 0