From 72b2b60922c789a8e29bca7b7f383846f3383188 Mon Sep 17 00:00:00 2001 From: Antonio Ospite Date: Thu, 3 May 2018 11:02:06 +0200 Subject: [PATCH] Makefile: support deploying with netfilter-persistent --- Makefile | 16 ++++++++++++++-- 1 file changed, 14 insertions(+), 2 deletions(-) diff --git a/Makefile b/Makefile index 9436a66..aec4351 100644 --- a/Makefile +++ b/Makefile @@ -3,5 +3,17 @@ all: deploy-workstation: -[ -x /usr/sbin/nft ] && sudo nft flush ruleset sudo ./iptables-workstation.sh - sudo iptables-save > iptables - sudo ip6tables-save > ip6tables + sudo sh -c "iptables-save > rules.v4" + sudo sh -c "ip6tables-save > rules.v6" + -if [ -x /usr/sbin/netfilter-persistent ]; \ + then \ + [ -d /etc/iptables ] && sudo mkdir /etc/iptables; \ + sudo mv rules.v[46] /etc/iptables; \ + sudo etckeeper vcs add iptables; \ + if ! sudo etckeeper vcs diff --staged --no-patch --exit-code -- iptables; \ + then \ + sudo etckeeper vcs commit -m "iptables: update rules" -- iptables; \ + fi; \ + sudo systemctl restart netfilter-persistent.service; \ + fi + -- 2.1.4