esac
done
}
+rule_shorewall_configure () {
+ # DOC: http://shorewall.net/Introduction.html
+ local -; set +f
+ rule apt_get_install shorewall
+ sudo install -m 644 -o root -g root /dev/stdin \
+ /etc/default/shorewall <<-EOF
+ INITLOG=/dev/null
+ OPTIONS=""
+ RESTARTOPTIONS=""
+ SAFESTOP=0
+ STARTOPTIONS=""
+ startup=1
+ EOF
+ local conf
+ for conf in "$tool"/etc/shorewall/*
+ do conf=${conf#"$tool"/etc/shorewall/}
+ sudo test ! -f "$tool"/etc/shorewall/"$conf" ||
+ sudo install -m 640 -o root -g root \
+ "$tool"/etc/shorewall/"$conf" \
+ /etc/shorewall/"$conf"
+ done
+ sudo install -d -m 750 -o root -g root \
+ /etc/shorewall/macro.d
+ for conf in "$tool"/etc/shorewall/macro.d/*
+ do conf=${conf#"$tool"/etc/shorewall/macro.d/}
+ sudo test ! -f "$tool"/etc/shorewall/macro.d/"$conf" ||
+ sudo install -m 640 -o root -g root \
+ "$tool"/etc/shorewall/macro.d/"$conf" \
+ /etc/shorewall/macro.d/"$conf"
+ done
+ sudo install -d -m 750 -o root -g root \
+ /etc/shorewall/action.d
+ #for conf in "$tool"/etc/shorewall/action.d/*
+ # do conf=${conf#"$tool"/etc/shorewall/action.d/}
+ # sudo test ! -f "$tool"/etc/shorewall/action.d/"$conf" ||
+ # sudo install -m 640 -o root -g root \
+ # "$tool"/etc/shorewall/action.d/"$conf" \
+ # /etc/shorewall/action.d/"$conf"
+ # done
+ #sudo shorewall safe-restart
+ }
rule_ssh_configure () {
rule apt_get_install openssh-server
rule insserv_remove ssh
ListenAddress $vm_ipv4
LogLevel INFO
LoginGraceTime 120
+ MaxAuthTries 1
PasswordAuthentication no
PermitEmptyPasswords no
PermitRootLogin yes