Hello

This patch supposed fixes some bugs and changes behavior of Latian
traffic detection.

 - Previous versions used lvbad lvok chains to apply country based
   policy. Now it is changed a little bit. First - lv chains are
   moved to mangle table (-t mangle) and default behavior is to set
   mark on packets to 1 (Latvian) or 2 (foreign). You may use those
   marks in any other table latter (-m mark --mark 1). Consult
   iptables manual for more information.

 - This version behaves better, when gix is not reached. It will
   skip attempt and will not clean up Latian table rules.

 

If any question, write me:
 romans@void.lv




diff -ruN lv_ip_checker-1.1/Makefile lv_ip_checker-1.1~/Makefile
--- lv_ip_checker-1.1/Makefile	Mon Jan  7 02:06:43 2002
+++ lv_ip_checker-1.1~/Makefile	Wed Dec 25 09:56:11 2002
@@ -4,9 +4,9 @@
 
 all-adm:		all adm
 
-adm:
-			./chains.lv && ipchains-save > /etc/ipchains
-			#./tables.lv && iptables-save > /etc/iptables
+adm:			check
+			#./chains.lv && ipchains-save > /etc/ipchains
+			./tables.lv && iptables-save > /etc/iptables
 			#squid -k reconfigure
 
 squid.conf:		rules.lv prefix postfix
@@ -31,10 +31,7 @@
 			./lvacl.sh > rules.lv
 
 lv.ip:			table.old check
-			grep -v '^#' table.old > lv.ip
-
-check:			
-			touch check
+			grep '^[0-9]' table.old > lv.ip
 
 clean:
 			rm -f check lv.ip squid.conf table.new table.old \
diff -ruN lv_ip_checker-1.1/checknew.sh lv_ip_checker-1.1~/checknew.sh
--- lv_ip_checker-1.1/checknew.sh	Fri Feb 23 15:10:18 2001
+++ lv_ip_checker-1.1~/checknew.sh	Wed Dec 25 09:57:14 2002
@@ -1,4 +1,5 @@
-lynx http://www.nic.lv/local.net -dump > table.new
+wget http://www.nic.lv/local.net -O table.new || { echo "aborting.."; rm table.new check; exit 1; }
+[ -f check ] || touch check
 cmp table.new table.old >/dev/null 2>&1 && exit
 rm -f check
 [ `wc -l <table.new` -lt 10 ] && rm -f table.new
diff -ruN lv_ip_checker-1.1/geniptables.sh lv_ip_checker-1.1~/geniptables.sh
--- lv_ip_checker-1.1/geniptables.sh	Mon Jan  7 01:33:29 2002
+++ lv_ip_checker-1.1~/geniptables.sh	Mon Oct 14 13:33:50 2002
@@ -1,6 +1,10 @@
-echo iptables -N lvok
-echo iptables -N latvia
-echo iptables -N lvbad
-echo iptables -F latvia
-sed 's/^.*$/iptables -A latvia -d & -j lvok/' lv.ip
-echo 'iptables -A latvia -j lvbad'
+echo iptables -t mangle -N lvok
+echo iptables -t mangle -N latvia
+echo iptables -t mangle -N lvbad
+echo iptables -t mangle -F lvok
+echo iptables -t mangle -F lvbad
+echo iptables -t mangle -F latvia
+echo iptables -t mangle -A lvok -j MARK --set-mark 1
+echo iptables -t mangle -A lvbad -j MARK --set-mark 2
+sed 's/^.*$/iptables -t mangle -A latvia -d & -m mark --mark 0 -j lvok/' lv.ip
+echo 'iptables -t mangle -A latvia -m mark --mark 0 -j lvbad'