#!/bin/bash
# (C) 2024 Peter Varkoly <pvarkoly@cephalix.eu> All rights reserved
source /etc/sysconfig/cranix || exit 1
DEVICE=$( ip route show default | awk '/default/ {print $5}' )

IFS=","
for network in $( /usr/sbin/crx_api.sh GET system/enumerates/network | sed -e 's/\[//' -e 's/\]//' -e 's/"//g' )
do
	/usr/sbin/iptables -I FORWARD -s ${network} -o ${DEVICE} -m state --state NEW -j LOG --log-prefix "NEW-CON "
done
