Remove outside access by default

author: Ismaël Bouya <ismael.bouya@normalesup.org> 2024-12-30 17:01:28 +0100
committer: Ismaël Bouya <ismael.bouya@normalesup.org> 2024-12-30 17:06:13 +0100
commit: 578a1855975959f1cc33f0f52c2dbb8ae49433b2 (patch)
tree: 35e8d549a497875129089d64cb9adee2d3a10b1e /ImmaeEu-down
parent: 26e3d64f8142730260e9669d89b00d726fd42f1c (diff)
download: hosts-578a1855975959f1cc33f0f52c2dbb8ae49433b2.tar.gz
hosts-578a1855975959f1cc33f0f52c2dbb8ae49433b2.tar.zst
hosts-578a1855975959f1cc33f0f52c2dbb8ae49433b2.zip
1 files changed, 9 insertions, 3 deletions
diff --git a/ImmaeEu-down b/ImmaeEu-down
index d983a3b..19eafa1 100755
--- a/ImmaeEu-down
+++ b/ImmaeEu-down
@@ -4,11 +4,17 @@
 [ -e /tmp/tinc_$NETNAME ] && . /tmp/tinc_$NETNAME
 [ -e /run/tinc_$NETNAME.vars ] && . /run/tinc_$NETNAME.vars
 rm -f /tmp/tinc_$NETNAME /run/tinc_$NETNAME.vars || true
-[ -n "$GWIP" ] && ip -6 route del default via $GWIP table 655
+if false; then
+  # Allow accessing the external world from the ip
+  [ -n "$GWIP" ] && ip -6 route del default via $GWIP table 655
+fi
 for MYIP in $MYIPS; do
  ip -6 addr del $MYIP/96 dev $INTERFACE
-  ip -6 rule del from $MYIP/96 table 655
+  if false; then
-  ip -6 rule del to $MYIP/96 table 655
+    # Allow accessing the external world from the ip
+    ip -6 rule del from $MYIP/96 table 655
+    ip -6 rule del to $MYIP/96 table 655
+  fi
 done
 ip -6 link set $INTERFACE down
author	Ismaël Bouya <ismael.bouya@normalesup.org>	2024-12-30 17:01:28 +0100
committer	Ismaël Bouya <ismael.bouya@normalesup.org>	2024-12-30 17:06:13 +0100
commit	578a1855975959f1cc33f0f52c2dbb8ae49433b2 (patch)
tree	35e8d549a497875129089d64cb9adee2d3a10b1e /ImmaeEu-down
parent	26e3d64f8142730260e9669d89b00d726fd42f1c (diff)
download	hosts-578a1855975959f1cc33f0f52c2dbb8ae49433b2.tar.gz hosts-578a1855975959f1cc33f0f52c2dbb8ae49433b2.tar.zst hosts-578a1855975959f1cc33f0f52c2dbb8ae49433b2.zip