#!/bin/sh
#
# Explicit logging. The DENY jump is not necessary,
# but will appear as DENY in the log which is better
# than just a plain logged entry.
# We don't allow the traffic to get through and therefor
# it is more efficient to deny it here than to let it parse
# the rest of the rules.
# As an example, the fwrules.login contains log rules without
# DENY or ACCEPT just to get a log on each new connection.
#

source /filter/fw.conf
echo "$0"

ARG=$1
if [ ${1:-none} = "none" ]; then
    ARG="refresh"
    ipchains -F log
else
    if [ $ARG != "refresh" -a $ARG != "purge" -a $ARG != "delete" ]; then
	echo
	echo "Usage:   $0 <refresh|purge|delete>"
	echo "Example: $0 refresh    (default)"
	echo
	exit
    fi
fi
case $ARG in ( refresh ) ACTION="-A"; ipchains -F log;;
	     ( purge )   ACTION="-D";;
	     ( delete )  ACTION="-D"; ipchains -F log; exit;;
esac

###------- Edit Rules Below -------###

# Log all high port connections
ipchains $ACTION log -p TCP -i $IF_IP -y -d $TKARLSSON2 $HI -j DENY -l

# POP3
ipchains $ACTION log -p TCP -i $IF_IP -y -d $TKARLSSON2 pop3 -j DENY -l

# Imap2
ipchains $ACTION log -p TCP -i $IF_IP -y -d $TKARLSSON2 imap2 -j DENY -l

# Imap3
ipchains $ACTION log -p TCP -i $IF_IP -y -d $TKARLSSON2 imap3 -j DENY -l

# ICQ
ipchains $ACTION log -p UDP -i $IF_IP -d $TKARLSSON2 $ICQ -j DENY -l

# NetBus
ipchains $ACTION log -p TCP -i $IF_IP -y -d $TKARLSSON2 $NETBUS -j DENY -l

# BackOrifice
ipchains $ACTION log -p TCP -i $IF_IP -y -d $TKARLSSON2 $BO -j DENY -l

# Finger
ipchains $ACTION log -p TCP -i $IF_IP -y -d $TKARLSSON2 finger -j DENY -l