
[Improve][rootfs][iptables]

2022.12.07 / Folus Wen

Actions:
1. Add iptables rule.

Files:
1. See the commit history below.

Image version: D0.00.XX.XXXX.XX
Image checksum: XXXXXXXX

Hardware PWB P/N : XXXXXXX
Hardware Version : XXXXXXX
Folus Wen 2 years ago
parent
commit
9965069bba
1 changed files with 27 additions and 4 deletions
  1. 27 4
      EVSE/rootfs/usr/bin/run_iptable_set.sh

+ 27 - 4
EVSE/rootfs/usr/bin/run_iptable_set.sh

@@ -4,15 +4,38 @@
 /sbin/iptables -A OUTPUT -p all -s any/0 -d 8.8.8.8/255.255.255.255 -j ACCEPT
 /sbin/iptables -A OUTPUT -p all -s any/0 -d 180.76.76.76/255.255.255.255 -j ACCEPT
 /sbin/iptables -A OUTPUT -p all -s any/0 -d evsocket.phihong.com.tw/255.255.255.255 -j ACCEPT
-/sbin/iptables -A OUTPUT -p all -s any/0 -d git.phihong.com.tw/255.255.255.255 -j ACCEPT
+/sbin/iptables -A OUTPUT -p all -s any/0 -d ocpp.phihong.com.tw/255.255.255.255 -j ACCEPT
 /sbin/iptables -A OUTPUT -p all -s any/0 -d ftp.phihong.com.tw/255.255.255.255 -j ACCEPT
-/sbin/iptables -A OUTPUT -p all -s any/0 -d $1/255.255.255.255 -j ACCEPT
+/sbin/iptables -A OUTPUT -p all -s any/0 -d time.windows.com/255.255.255.255 -j ACCEPT
+/sbin/iptables -A OUTPUT -p all -s any/0 -d cn.ntp.org.cn/255.255.255.255 -j ACCEPT
+/sbin/iptables -A OUTPUT -p all -s any/0 -d tock.stdtime.gov.tw/255.255.255.255 -j ACCEPT
+/sbin/iptables -A OUTPUT -p all -s any/0 -d 0.europe.pool.ntp.org/255.255.255.255 -j ACCEPT
+if [ $# -eq 1 ]; then
+   /sbin/iptables -A OUTPUT -p all -s any/0 -d $1/255.255.255.255 -j ACCEPT
+fi
+
+if [ $# -eq 2 ]; then
+   /sbin/iptables -A OUTPUT -p all -s any/0 -d $1/255.255.255.255 -j ACCEPT
+   /sbin/iptables -A OUTPUT -p all -s any/0 -d $2/255.255.255.255 -j ACCEPT
+fi
 /sbin/iptables -A OUTPUT -p all -s any/0 -d any/0 -j DROP
+
 /sbin/iptables -A INPUT -p all -s 192.168.0.0/255.255.0.0 -d any/0 -j ACCEPT
 /sbin/iptables -A INPUT -p all -s 8.8.8.8/255.255.255.255 -d any/0 -j ACCEPT
 /sbin/iptables -A INPUT -p all -s 180.76.76.76/255.255.255.255 -d any/0 -j ACCEPT
 /sbin/iptables -A INPUT -p all -s evsocket.phihong.com.tw/255.255.255.255 -d any/0 -j ACCEPT
-/sbin/iptables -A INPUT -p all -s git.phihong.com.tw/255.255.255.255 -d any/0 -j ACCEPT
+/sbin/iptables -A INPUT -p all -s ocpp.phihong.com.tw/255.255.255.255 -d any/0 -j ACCEPT
 /sbin/iptables -A INPUT -p all -s ftp.phihong.com.tw/255.255.255.255 -d any/0 -j ACCEPT
-/sbin/iptables -A INPUT -p all -s $1/255.255.255.255 -d any/0 -j ACCEPT
+/sbin/iptables -A INPUT -p all -s time.windows.com/255.255.255.255 -d any/0 -j ACCEPT
+/sbin/iptables -A INPUT -p all -s cn.ntp.org.cn/255.255.255.255 -d any/0 -j ACCEPT
+/sbin/iptables -A INPUT -p all -s tock.stdtime.gov.tw/255.255.255.255 -d any/0 -j ACCEPT
+/sbin/iptables -A INPUT -p all -s 0.europe.pool.ntp.org/255.255.255.255 -d any/0 -j ACCEPT
+if [ $# -eq 1 ]; then
+   /sbin/iptables -A INPUT -p all -s $1/255.255.255.255 -d any/0 -j ACCEPT
+fi
+
+if [ $# -eq 2 ]; then
+   /sbin/iptables -A INPUT -p all -s $1/255.255.255.255 -d any/0 -j ACCEPT
+   /sbin/iptables -A INPUT -p all -s $2/255.255.255.255 -d any/0 -j ACCEPT
+fi
 /sbin/iptables -A INPUT -p all -s any/0 -d any/0 -j DROP
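Review bot: The new `if [ $# -eq 1 ]` and `if [ $# -eq 2 ]` blocks pass `$1` and `$2` to `/sbin/iptables` unquoted and unchecked, in both the OUTPUT and the INPUT half. If the caller ever hands over a configured server address containing whitespace, the shell splits it into extra iptables options and the resulting rule can allow more than one host. I would check each argument against a host-name/IPv4 character set, quote it, and fold the two near-identical conditionals into one loop over `"$@"`, as sketched below for OUTPUT (INPUT is the same with `-s`); note that the loop also adds rules when more than two arguments are given, which the current code silently skips. Separately, the added NTP names are resolved once, when the rule is loaded, and `0.europe.pool.ntp.org` is a rotating pool, so the address the time client gets later will likely not be the one that was allowed, and the allow-list depends on whatever DNS answered at that moment. The script starts above this hunk, so the shebang and any earlier chain flush are not visible here.

```shell
# … unchanged: fixed OUTPUT allow rules …
for host in "$@"; do
   case "$host" in
      ''|*[!A-Za-z0-9.-]*)
         # Refuse anything that is not a bare host name or IPv4 address.
         echo "run_iptable_set.sh: ignoring invalid host argument" >&2
         continue
         ;;
   esac
   /sbin/iptables -A OUTPUT -p all -s any/0 -d "$host/255.255.255.255" -j ACCEPT
done
/sbin/iptables -A OUTPUT -p all -s any/0 -d any/0 -j DROP
```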