Someone asked me to create a script to block Asia. I was able to create a script which is able to create a blocklist for any given set of countries. It will also combine these subnets into big subnets if this is possible.
This is all working...
This script also modifies the variable rc_firewall.
I would rather keep rc_firewall clean.
I can create the chain using a symbolic link I create in /tmp/etc/config/00xxx.wanup
I can even use multiple files/links there. Somehow I can't control in which order they are being executed. It would be nice if it worked the same way as S* scripts.
But some tests also showed these scripts are being executed AFTER rc_firewall. This means I can't reference a chain which is being created by a *.wanup script.
I would like to put this in my rc_firewall:
iptables -I FORWARD -p tcp --dport 25 --dstif br0 -j asia
Is there already an extension, or can you create one, which will be used before rc_firewall is executed?
wget http://wd.mirmana.com/S95asiablock (only wget works)