summaryrefslogtreecommitdiffstats
path: root/config/chroot_local-includes/usr/local/sbin/do_not_ever_run_me
blob: 9dc17513344426222fb7de59587f194e563ed68d (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
#!/bin/sh
#
# This script fully disables the iptables firewall, and thus the
# transparent forwarding thru Tor of all non-local network
# connections... which defeats the whole purpose of this OS, hence
# this script's name.

IPT=/sbin/iptables
IP6T=/sbin/ip6tables

[ -x "$IPT" ]  || exit 67
[ -x "$IP6T" ] || exit 68

$IPT -P INPUT ACCEPT
$IPT -P FORWARD ACCEPT
$IPT -P OUTPUT ACCEPT

$IPT -t nat -P PREROUTING ACCEPT
$IPT -t nat -P POSTROUTING ACCEPT
$IPT -t nat -P OUTPUT ACCEPT

$IPT -t mangle -P PREROUTING ACCEPT
$IPT -t mangle -P INPUT ACCEPT
$IPT -t mangle -P FORWARD ACCEPT
$IPT -t mangle -P OUTPUT ACCEPT
$IPT -t mangle -P POSTROUTING ACCEPT
    
$IPT -F
$IPT -t nat -F
$IPT -t mangle -F

$IPT -X
$IPT -t nat -X
$IPT -t mangle -X

$IP6T -F
$IP6T -P INPUT ACCEPT
$IP6T -P FORWARD ACCEPT
$IP6T -P OUTPUT ACCEPT

echo "You might want to unset http_proxy and HTTP_PROXY environment variables as well:"
echo "  unset http_proxy"
echo "  unset https_proxy"
echo "  unset HTTP_PROXY"
echo "  unset HTTPS_PROXY"