diff options
author | Jan Wagner <mail@jwagner.eu> | 2015-12-16 02:51:03 +0100 |
---|---|---|
committer | Jan Wagner <mail@jwagner.eu> | 2015-12-16 02:51:03 +0100 |
commit | 07c05d4ac5d0709cba41e56da29f77ccc07d2e93 (patch) | |
tree | 2b8e5c4d9b740c2cc780797994cb0c764ed134ed /rpi2-gen-image.sh | |
parent | b5764ed82a7325999fda6154f9a58a74f6d21767 (diff) | |
download | rpi2-gen-image-07c05d4ac5d0709cba41e56da29f77ccc07d2e93.tar.gz rpi2-gen-image-07c05d4ac5d0709cba41e56da29f77ccc07d2e93.tar.bz2 rpi2-gen-image-07c05d4ac5d0709cba41e56da29f77ccc07d2e93.zip |
fix: ENABLE_IPTABLES
Diffstat (limited to 'rpi2-gen-image.sh')
-rwxr-xr-x | rpi2-gen-image.sh | 29 |
1 files changed, 21 insertions, 8 deletions
diff --git a/rpi2-gen-image.sh b/rpi2-gen-image.sh index 5b6a2ff..0004ba9 100755 --- a/rpi2-gen-image.sh +++ b/rpi2-gen-image.sh @@ -123,7 +123,7 @@ mkdir -p $R # Add required packages for the minbase installation if [ "$ENABLE_MINBASE" = true ] ; then - APT_INCLUDES="${APT_INCLUDES},vim-tiny,net-tools" + APT_INCLUDES="${APT_INCLUDES},vim-tiny,netbase,net-tools" else APT_INCLUDES="${APT_INCLUDES},locales" fi @@ -133,6 +133,11 @@ if [ "$ENABLE_DBUS" = true ] ; then APT_INCLUDES="${APT_INCLUDES},dbus" fi +# Add iptables IPv4/IPv6 package +if [ "$ENABLE_IPTABLES" = true ] ; then + APT_INCLUDES="${APT_INCLUDES},iptables" +fi + # Add openssh server package if [ "$ENABLE_SSHD" = true ] ; then APT_INCLUDES="${APT_INCLUDES},openssh-server" @@ -143,14 +148,17 @@ if [ "$ENABLE_HWRANDOM" = true ] ; then APT_INCLUDES="${APT_INCLUDES},rng-tools" fi -# Add xorg package -if [ "$ENABLE_XORG" = true ] ; then - APT_INCLUDES="${APT_INCLUDES},xorg" -fi - # Add fluxbox package with eterm if [ "$ENABLE_FLUXBOX" = true ] ; then APT_INCLUDES="${APT_INCLUDES},fluxbox,eterm" + + # Enable xorg package dependency + ENABLE_XORG=true +fi + +# Add xorg package +if [ "$ENABLE_XORG" = true ] ; then + APT_INCLUDES="${APT_INCLUDES},xorg" fi # Set empty proxy string @@ -293,7 +301,7 @@ if [ "$ENABLE_CONSOLE" = true ] ; then CMDLINE="${CMDLINE} console=ttyAMA0,115200 kgdboc=ttyAMA0,115200" fi -# Set up ipv6 support (if requested) +# Set up IPv6 networking support if [ "$ENABLE_IPV6" = false ] ; then CMDLINE="${CMDLINE} ipv6.disable=1" fi @@ -658,10 +666,15 @@ EOM # Reload systemd configuration and enable iptables service LANG=C chroot $R systemctl daemon-reload LANG=C chroot $R systemctl enable ip6tables.service - fi fi +# Remove SSHD related iptables rules +if [ "$ENABLE_SSHD" = false ] ; then + sed -e '/^#/! {/SSH/ s/^/# /}' -i $R/etc/iptables/iptables.rules 2> /dev/null + sed -e '/^#/! {/SSH/ s/^/# /}' -i $R/etc/iptables/ip6tables.rules 2> /dev/null +fi + if [ "$ENABLE_UBOOT" = true ] ; then # Fetch u-boot github git -C $R/tmp clone git://git.denx.de/u-boot.git |