
#-----------------------------------------------------------------------
# DESCRIPTION
#-----------------------------------------------------------------------
#
# This module should be placed in /etc/firewall/modules/public/services.
# You'll also need the port forwarding module (in public/port-forwarding)
#
# Your PCAnywhere must be using TCP/IP Compatibility mode. If it isn't
# working visit symantec.com and search for "How to change the pcAywhere
# IP ports". There is a short section on "Restricting pcAnywhere ports".
# Follow those instructions (it's a registry change on the host and
# remote) and then it should be working ok.
#
# After installing the module, the user should execute rc.firewall with
# the --update-config parameter. The necessary options will be added to
# the configuration file.
#
#-----------------------------------------------------------------------
# CHANGES
#-----------------------------------------------------------------------
#
# 2001-02-05  Edwin ten Brink <edwin@privateer.student.utwente.nl>
#             Initial creation for v5.1
#
#-----------------------------------------------------------------------
# MODULE CONFIGURATION
#-----------------------------------------------------------------------
#
#m# 23
#a# accept ignore deny
#i# cluster
#n# pcanywhere
#t# clients
#
#   |--------------------------------------------------------------------|
#d# pcanywhere (Ports 5631 TCP, 5632 UDP)
#d# The following rules will allow an external Windows PC to connect to
#d# an internal PcAnywhere host when strict or paranoid mode is on.
#d# Your PCAnywhere must be using TCP/IP Compatibility mode. If it isn't
#d# working visit symantec.com and search for "How to change the pcAywhere 
#d# IP ports". There is a short section on "Restricting pcAnywhere ports". 
#d# Follow those instructions (it's a registry change on the host and 
#d# remote) and then it should be working ok.
#   |--------------------------------------------------------------------|
#
#-----------------------------------------------------------------------
# START OF MODULE CODE
#-----------------------------------------------------------------------

module_name="pcanywhere"    # module name used in options
module_type="clients"       # the module type (clients, servers, etc.)
service_name="PcAnywhere"   # displayed on-screen
tcp_service_port="5631"     # port number for this service
udp_service_port="5632"     # port number for this service

for action in ignore deny accept
do
	case $action in
		accept|ignore)
				action_log_msg="$LOG_MSG"; action_log="$LOG";;
		deny)	action_log_msg="(logged)"; action_log="-l"  ;;
	esac

	for host in `Option_Value $action $INTOPT $module_name $module_type`
	do
		case $action in
			ignore|deny)
				echo "Deny $INTOPT $IPADDR $service_name <- $host $action_log_msg"
				ipchains -A $INCHAIN -j DENY -p tcp -s $host -d $IPADDR $tcp_service_port $action_log
				ipchains -A $INCHAIN -j DENY -p udp -s $host -d $IPADDR $udp_service_port $action_log
				;;
			accept)
				Accept_Hostports local tcp "$service_name" $host $tcp_service_port
				Accept_Hostports local udp "$service_name" $host $udp_service_port
				;;
		esac
	done
done
unset module_name module_type service_name service_port
unset action action_log_msg action_log host

