1#!/sbin/sh 2# 3# CDDL HEADER START 4# 5# The contents of this file are subject to the terms of the 6# Common Development and Distribution License (the "License"). 7# You may not use this file except in compliance with the License. 8# 9# You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE 10# or http://www.opensolaris.org/os/licensing. 11# See the License for the specific language governing permissions 12# and limitations under the License. 13# 14# When distributing Covered Code, include this CDDL HEADER in each 15# file and include the License file at usr/src/OPENSOLARIS.LICENSE. 16# If applicable, add the following below this CDDL HEADER, with the 17# fields enclosed by brackets "[]" replaced with your own identifying 18# information: Portions Copyright [yyyy] [name of copyright owner] 19# 20# CDDL HEADER END 21# 22# Copyright 2009 Sun Microsystems, Inc. All rights reserved. 23# Use is subject to license terms. 24# 25 26# Scripts that generate IPfilter rules for SMB server 27 28. /lib/svc/share/smf_include.sh 29. /lib/svc/share/ipf_include.sh 30 31create_ipf_rules() 32{ 33 FMRI=$1 34 file=`fmri_to_file $FMRI $IPF_SUFFIX` 35 ip=any 36 policy=`get_policy ${FMRI}` 37 iana_names="microsoft-ds netbios-ns netbios-dgm netbios-ssn" 38 39 # 40 # Enforce policy on each port 41 # 42 echo "# $FMRI" >$file 43 for name in $iana_names; do 44 port=`$SERVINFO -p -s $name 2>/dev/null` 45 if [ -z "$port" ]; then 46 continue; 47 fi 48 generate_rules $FMRI $policy "tcp" $ip $port $file 49 generate_rules $FMRI $policy "udp" $ip $port $file 50 done 51} 52 53if [ "$1" = "ipfilter" ]; then 54 create_ipf_rules $2 55fi 56exit 0 57