changed persistence method of firewall rules

files/check_crontab.sh

@@ -10,13 +10,13 @@ if [ ! -f $md5old ]
 then
     printf "Error: %s don't exist\nCreating %s ...\n" "$md5old" "$md5old" >>$log
     md5sum $cron >$md5old
-    exit 1
+    exit 0
 fi
 if [ ! -s $md5old ]
 then
     printf "Error: %s is empty\nadding md5 hash to %s ...\n" "$md5old" "$md5old" >>$log
     md5sum $cron >$md5old
-    exit 1
+    exit 0
 fi
 if [ ! $(md5sum -c $md5old 2>/dev/null | grep $cron | cut -d' ' -f2) = "OK" ]
 then

files/firewall.conf

@@ -11,6 +11,7 @@
 -A PREROUTING -f -j DROP
 -A PREROUTING -p tcp -m conntrack --ctstate NEW -m tcpmss ! --mss 536:65535 -j DROP
 -A PREROUTING -s 127.0.0.0/8 ! -i lo -j DROP
+-A PREROUTING -s 192.168.99.0/30 ! -i enp0s8 -j DROP
 -A PREROUTING -p tcp --tcp-flags FIN,SYN,RST,PSH,ACK,URG NONE -j DROP
 -A PREROUTING -p tcp --tcp-flags FIN,SYN FIN,SYN -j DROP
 -A PREROUTING -p tcp --tcp-flags SYN,RST SYN,RST -j DROP

files/interfaces

@@ -6,6 +6,7 @@ source /etc/network/interfaces.d/*
 # The loopback network interface
 auto lo
 iface lo inet loopback
+post-up iptables-restore /etc/iptables/rules.v4
 
 # The primary network interface
 auto enp0s3