Makefile: support deploying with netfilter-persistent

author Antonio Ospite <ao2@ao2.it>

Thu, 3 May 2018 09:02:06 +0000 (11:02 +0200)

committer Antonio Ospite <ao2@ao2.it>

Thu, 3 May 2018 09:02:06 +0000 (11:02 +0200)
author Antonio Ospite <ao2@ao2.it>
Thu, 3 May 2018 09:02:06 +0000 (11:02 +0200)
committer Antonio Ospite <ao2@ao2.it>
Thu, 3 May 2018 09:02:06 +0000 (11:02 +0200)
diff --git a/Makefile b/Makefile

index 9436a66..aec4351 100644 (file)
--- a/Makefile
+++ b/Makefile
@@ -3,5 +3,17 @@ all:
  deploy-workstation:
         -[ -x /usr/sbin/nft ] && sudo nft flush ruleset
         sudo ./iptables-workstation.sh
  deploy-workstation:
         -[ -x /usr/sbin/nft ] && sudo nft flush ruleset
         sudo ./iptables-workstation.sh
-       sudo iptables-save > iptables
-       sudo ip6tables-save > ip6tables
+       sudo sh -c "iptables-save > rules.v4"
+       sudo sh -c "ip6tables-save > rules.v6"
+       -if [ -x /usr/sbin/netfilter-persistent ]; \
+       then \
+         [ -d /etc/iptables ] && sudo mkdir /etc/iptables; \
+         sudo mv rules.v[46] /etc/iptables; \
+         sudo etckeeper vcs add iptables; \
+         if ! sudo etckeeper vcs diff --staged --no-patch --exit-code -- iptables; \
+         then \
+           sudo etckeeper vcs commit -m "iptables: update rules" -- iptables; \
+         fi; \
+         sudo systemctl restart netfilter-persistent.service; \
+       fi
+
author	Antonio Ospite <ao2@ao2.it>
	Thu, 3 May 2018 09:02:06 +0000 (11:02 +0200)
committer	Antonio Ospite <ao2@ao2.it>
	Thu, 3 May 2018 09:02:06 +0000 (11:02 +0200)