1*eb1a3463STruong Nguyen#!/sbin/sh 2*eb1a3463STruong Nguyen# 3*eb1a3463STruong Nguyen# CDDL HEADER START 4*eb1a3463STruong Nguyen# 5*eb1a3463STruong Nguyen# The contents of this file are subject to the terms of the 6*eb1a3463STruong Nguyen# Common Development and Distribution License (the "License"). 7*eb1a3463STruong Nguyen# You may not use this file except in compliance with the License. 8*eb1a3463STruong Nguyen# 9*eb1a3463STruong Nguyen# You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE 10*eb1a3463STruong Nguyen# or http://www.opensolaris.org/os/licensing. 11*eb1a3463STruong Nguyen# See the License for the specific language governing permissions 12*eb1a3463STruong Nguyen# and limitations under the License. 13*eb1a3463STruong Nguyen# 14*eb1a3463STruong Nguyen# When distributing Covered Code, include this CDDL HEADER in each 15*eb1a3463STruong Nguyen# file and include the License file at usr/src/OPENSOLARIS.LICENSE. 16*eb1a3463STruong Nguyen# If applicable, add the following below this CDDL HEADER, with the 17*eb1a3463STruong Nguyen# fields enclosed by brackets "[]" replaced with your own identifying 18*eb1a3463STruong Nguyen# information: Portions Copyright [yyyy] [name of copyright owner] 19*eb1a3463STruong Nguyen# 20*eb1a3463STruong Nguyen# CDDL HEADER END 21*eb1a3463STruong Nguyen# 22*eb1a3463STruong Nguyen# Copyright 2009 Sun Microsystems, Inc. All rights reserved. 23*eb1a3463STruong Nguyen# Use is subject to license terms. 24*eb1a3463STruong Nguyen# 25*eb1a3463STruong Nguyen 26*eb1a3463STruong Nguyen# Scripts that generate IPfilter rules for SMB server 27*eb1a3463STruong Nguyen 28*eb1a3463STruong Nguyen. /lib/svc/share/smf_include.sh 29*eb1a3463STruong Nguyen. /lib/svc/share/ipf_include.sh 30*eb1a3463STruong Nguyen 31*eb1a3463STruong Nguyencreate_ipf_rules() 32*eb1a3463STruong Nguyen{ 33*eb1a3463STruong Nguyen FMRI=$1 34*eb1a3463STruong Nguyen file=`fmri_to_file $FMRI $IPF_SUFFIX` 35*eb1a3463STruong Nguyen ip=any 36*eb1a3463STruong Nguyen policy=`get_policy ${FMRI}` 37*eb1a3463STruong Nguyen iana_names="microsoft-ds netbios-ns netbios-dgm netbios-ssn" 38*eb1a3463STruong Nguyen 39*eb1a3463STruong Nguyen # 40*eb1a3463STruong Nguyen # Enforce policy on each port 41*eb1a3463STruong Nguyen # 42*eb1a3463STruong Nguyen echo "# $FMRI" >$file 43*eb1a3463STruong Nguyen for name in $iana_names; do 44*eb1a3463STruong Nguyen port=`$SERVINFO -p -s $name 2>/dev/null` 45*eb1a3463STruong Nguyen if [ -z "$port" ]; then 46*eb1a3463STruong Nguyen continue; 47*eb1a3463STruong Nguyen fi 48*eb1a3463STruong Nguyen generate_rules $FMRI $policy "tcp" $ip $port $file 49*eb1a3463STruong Nguyen generate_rules $FMRI $policy "udp" $ip $port $file 50*eb1a3463STruong Nguyen done 51*eb1a3463STruong Nguyen} 52*eb1a3463STruong Nguyen 53*eb1a3463STruong Nguyenif [ "$1" = "ipfilter" ]; then 54*eb1a3463STruong Nguyen create_ipf_rules $2 55*eb1a3463STruong Nguyenfi 56*eb1a3463STruong Nguyenexit 0 57