projects / config / iptables.git / blobdiff
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
iptables-workstation.sh: enable DHCPv4 offers and more SSDP communication
[config/iptables.git] / Makefile
diff --git a/Makefile b/Makefile
index 1c26fe1..aec4351 100644 (file)
--- a/Makefile
+++ b/Makefile
@@ -1,7 +1,19 @@
 all:
 
 deploy-workstation:
 all:
 
 deploy-workstation:
-       command -v /usr/sbin/nft > /dev/null && sudo nft flush ruleset
+       -[ -x /usr/sbin/nft ] && sudo nft flush ruleset
        sudo ./iptables-workstation.sh
        sudo ./iptables-workstation.sh
-       sudo iptables-save > iptables
-       sudo ip6tables-save > ip6tables
+       sudo sh -c "iptables-save > rules.v4"
+       sudo sh -c "ip6tables-save > rules.v6"
+       -if [ -x /usr/sbin/netfilter-persistent ]; \
+       then \
+         [ -d /etc/iptables ] && sudo mkdir /etc/iptables; \
+         sudo mv rules.v[46] /etc/iptables; \
+         sudo etckeeper vcs add iptables; \
+         if ! sudo etckeeper vcs diff --staged --no-patch --exit-code -- iptables; \
+         then \
+           sudo etckeeper vcs commit -m "iptables: update rules" -- iptables; \
+         fi; \
+         sudo systemctl restart netfilter-persistent.service; \
+       fi
+
Configuration files for the iptables/netfilter linux packet filtering framework