#!/bin/bash
#

## Firewall Script
#  01-07-26  by Erik Wegner
#  smb-up <Interface> <Network>
#

INT=$1  # Interface
NET=$2  # Network

if test -z $1 || test -z $2 ; then
	echo "smb-up <Interface> <Network>"
	echo "e.g.: smb-up eth0 192.168.4.0/255.255.255.0"
	exit 2
fi

# Pfad zu IPTables
if test -z $IPTABLES ; then
	IPTABLES=/usr/sbin/iptables
fi

## Ports
#  Nicht-privilegierte = 1024-65535
#P_HIGH=1024:65535
P_HIGH=137
P_SMB=53

echo "SMB $NET [$P_HIGH] <-> $INT [$P_SMB]"

$IPTABLES -A INPUT -p UDP \
	-i $INT -s $NET --sport $P_HIGH \
	--dport $P_SMB -j ACCEPT

$IPTABLES -A OUTPUT -p TCP \
	-o $INT -d $NET --dport $P_HIGH \
	--sport $P_SMB -j ACCEPT

