How to include all files from a directory in shell script (/etc/init.d/iptables in this case)

Add the following line to your init.d script.

run-parts --report /etc/iptables/include.d

It will run everything in the directory as a shell script (need to be executable).

If you you only want to execute files that ends with .port you could use something like:

run-parts --regex '\.port$' /etc/iptables/include.d/

If you want to make sure the order is correct you can name the files:

10_web.port
20_ssh.port
etc..

for f in /etc/iptables/include.d/*
 . $f
done

note space between dot and %f

Saurabh is right - this will not necessary work as you intend, but use some naming convention eg 10-xxx, 20-yyy and so on and it might be manageable.

You can define simple function in bash:

function include() {
    for FILE in $( find "$1" -type f -print | sort )
    do
        source $FILE
    done
}

and then:

include some_dir/*

or even:

include some_dir/*.conf

You may also consider building the iptables script from template files, one of which would be the original iptables script. create a script which will read your template files in the relevant directories and create a new iptables script from them. That way when you need to make changes you do so in the templates and just rerun your script generator.

Using this method you could even get fancy and place markers in the base template which can be used to signal when to include files from specific directories in your template tree.

I do not think you can include files in iptables configuration. The choice makes sense as firewall rules depend a lot on order in which they are written. If we just include files in folder, iptables wont know which rules to put first and which later.

To well behave with empty dir include.d/ you can do:

for f in /etc/iptables/include.d/*; do
  [[ -e "${f}" ]] && . "${f}"
done