/usr/share/fwbuilder-5.1.0.3599/configlets/freebsd/routing_functions is in fwbuilder-common 5.1.0-4.
This file is owned by root:root, with mode 0o644.
The actual contents of the file can be viewed below.
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 | ## -*- mode: shell-script; -*-
##
## To be able to make changes to the part of configuration created
## from this configlet you need to copy this file to the directory
## fwbuilder/configlets/bsd/ in your home directory and modify it.
## Double "##" comments are removed during processing but single "#"
## comments are be retained and appear in the generated script. Empty
## lines are removed as well.
##
## Configlets support simple macro language with these constructs:
## {{$var}} is variable expansion
## {{if var}} is conditional operator.
##
# ============== ROUTING RULES ==============
TMPDIRNAME=`mktemp -d /tmp/.fwbuilder.XXXXXXXXXX` || exit 1
TMPFILENAME="$TMPDIRNAME/.fwbuilder.out"
#
# This function stops stdout redirection
# and sends previously saved output to terminal
restore_script_output()
{
exec 1>&3 2>&1
cat $TMPFILENAME
rm -rf $TMPDIRNAME
}
# if any routing rule fails we do our best to prevent freezing the firewall
route_command_error()
{
echo "Error: Routing rule $1 couldn't be activated"
echo "Recovering previous routing configuration..."
# delete current routing rules
netstat -rn -f inet | awk '$3 ~ /S/ && $NF !~ /lo0/ { print $0;}' | \
while read route gw rest; do route delete $route $gw; done
# restore old routing rules
(IFS="
"; for route_cmd in $oldRoutes; do (IFS=' '; $route_cmd); done)
echo "...done"
restore_script_output
epilog_commands
exit 1
}
# redirect output to prevent ssh session from stalling
exec 3>&1
exec 1> $TMPFILENAME
exec 2>&1
oldRoutes=$(netstat -rn -f inet | awk '/^$|Destination|Routing tables|Internet:/ {next;} {printf "route add %s %s\n",$1,$2;}')
echo "Deleting routing rules previously set by user space processes..."
netstat -rn -f inet | awk '$3 ~ /S/ { print $0;}' | grep -Ev {{$route_filter}} | \
while read route gw rest; do route delete $route $gw; done
echo "Activating routing rules..."
|