summaryrefslogtreecommitdiffstats
path: root/config/chroot_local-includes/usr/local/sbin
diff options
context:
space:
mode:
authoramnesia <amnesia@boum.org>2009-06-20 21:09:15 +0200
committeramnesia <amnesia@boum.org>2009-06-20 21:09:15 +0200
commit345a927fbd6aa18a2bcd13331cbc2e22ef2e0639 (patch)
tree1e107ba0a446a2cb32322f8e9dee1704fe10e5fb /config/chroot_local-includes/usr/local/sbin
initial source tree import0.1
/home/amnesia is missing, as no clean way to include it is implemented yet.
Diffstat (limited to 'config/chroot_local-includes/usr/local/sbin')
-rwxr-xr-xconfig/chroot_local-includes/usr/local/sbin/do_not_ever_run_me36
1 files changed, 36 insertions, 0 deletions
diff --git a/config/chroot_local-includes/usr/local/sbin/do_not_ever_run_me b/config/chroot_local-includes/usr/local/sbin/do_not_ever_run_me
new file mode 100755
index 0000000..4a42367
--- /dev/null
+++ b/config/chroot_local-includes/usr/local/sbin/do_not_ever_run_me
@@ -0,0 +1,36 @@
+#!/bin/sh
+#
+# This script fully disables the iptables firewall, and thus the
+# transparent forwarding thru Tor of all non-local network
+# connections... which defeats the whole purpose of this OS, hence
+# this script's name.
+
+IPT=/sbin/iptables
+
+[ -x "$IPT" ] || exit 67
+
+$IPT -P INPUT ACCEPT
+$IPT -P FORWARD ACCEPT
+$IPT -P OUTPUT ACCEPT
+
+$IPT -t nat -P PREROUTING ACCEPT
+$IPT -t nat -P POSTROUTING ACCEPT
+$IPT -t nat -P OUTPUT ACCEPT
+
+$IPT -t mangle -P PREROUTING ACCEPT
+$IPT -t mangle -P INPUT ACCEPT
+$IPT -t mangle -P FORWARD ACCEPT
+$IPT -t mangle -P OUTPUT ACCEPT
+$IPT -t mangle -P POSTROUTING ACCEPT
+
+$IPT -F
+$IPT -t nat -F
+$IPT -t mangle -F
+
+$IPT -X
+$IPT -t nat -X
+$IPT -t mangle -X
+
+echo "You might want to unset http_proxy and HTTP_PROXY environment variables as well:"
+echo " unset http_proxy"
+echo " unset HTTP_PROXY"