dbailey: branch aadk r1228 - /branches/aadk/scripts/networking.sh

SVN commits to the Asterisk-GUI project asterisk-gui-commits at lists.digium.com
Fri Jul 6 17:30:03 CDT 2007 

Author: dbailey
Date: Fri Jul  6 17:30:02 2007
New Revision: 1228

URL: http://svn.digium.com/view/asterisk-gui?view=rev&rev=1228
Log:
Update aadk networking setup so that http and manager are not enabled on the WAN port by default
Set up the ntp daemon script to use locally generated time

Modified:
    branches/aadk/scripts/networking.sh

Modified: branches/aadk/scripts/networking.sh
URL: http://svn.digium.com/view/asterisk-gui/branches/aadk/scripts/networking.sh?view=diff&rev=1228&r1=1227&r2=1228
==============================================================================
--- branches/aadk/scripts/networking.sh (original)
+++ branches/aadk/scripts/networking.sh Fri Jul  6 17:30:02 2007
@@ -16,6 +16,7 @@
 INETD_BIN="`which inetd`"
 INETD_PROCNAME="inetd"
 INETD_LINE_SSH="ssh     stream tcp nowait root /bin/dropbear -i 2 > /dev/null"
+NTP_CONFIG="/etc/config/ntp.conf"
 
 ARG_FILE="/etc/asterisk/scripts/network.params"
 
@@ -25,7 +26,7 @@
 	. ${ARG_FILE} 	# Include the file that has the variables in it, written from the GUI.
 else
 	echo "Configuring interface for the first time, or after configuration loss."
-	HOSTNAME=asteriskpbx
+	HOSTNAME=sx00i
 	IP_LAN=192.168.69.1
 	SSHACCESS=no
 	DHCP_WAN=on
@@ -35,6 +36,7 @@
 	END_RANGE_LAN=192.168.69.150
 	MAX_LEASE=100
 	DNS_LAN=${IP_LAN}
+	GUI_WAN=off
 fi
 
 ifconfig lo 127.0.0.1
@@ -44,15 +46,9 @@
 
 # Set our hostname
 if [ "${HOSTNAME}" = "" ]; then
-	HOSTNAME=asteriskpbx
+	HOSTNAME=sx00i
 fi
 hostname ${HOSTNAME}
-
-# Set our time server
-if [ "${NTP_ADDRESS}" != "" ]; then
-	killall -9 ntpdate 2> /dev/null
-	ntpdate ${NTP_ADDRESS} &
-fi
 
 # Handle inetd services.
 rm -f ${INETD_CONFIG} ${INETD_CONFIG}.*
@@ -93,8 +89,29 @@
 ifconfig ${LAN_INTERFACE} ${IP_LAN} netmask ${SUBNET_LAN}
 iptables -F
 dnsmasq &
+
+# if GUI_WAN is off -> block GUI on wan interface
+if [ "${GUI_WAN}" = "off" ]; then
+	echo "Blocking GUI and Manager on WAN Interface"
+	iptables -A INPUT -i ${WAN_INTERFACE} -p tcp --dport 80 -j DROP
+	iptables -A INPUT -i ${WAN_INTERFACE} -p tcp --dport 5038 -j DROP
+fi
+
+# Set our time server
+echo "Instantiating the NTP daemon"
 killall -9 ntpd 2>/dev/null
-ntpd &
+echo "### Autogenerated conf file" > ${NTP_CONFIG}
+echo "" >> ${NTP_CONFIG}
+if [ "${NTP_ADDRESS}" != "" ]; then
+	ntpdate ${NTP_ADDRESS} &
+	echo "server   ${NTP_ADDRESS}" >> ${NTP_CONFIG}
+fi
+echo "server 127.127.1.1 prefer iburst" >> ${NTP_CONFIG}
+echo "fudge 127.127.1.1 stratum 5" >> ${NTP_CONFIG}
+echo "" >> ${NTP_CONFIG}
+echo "disable auth" >> ${NTP_CONFIG}
+ntpd -g &
+
 # XXX This will pretty much only work for a /24 XXX
 NETWORK_LAN=`echo "${IP_LAN}" | cut -d '.' -f 1,2,3`
 iptables -t nat -A POSTROUTING -s ${NETWORK_LAN}.0/${SUBNET_LAN} -d 0.0.0.0/0 -j MASQUERADE

More information about the asterisk-gui-commits mailing list