#! /bin/sh

HOSTNAME=`hostname`
LOCAL_SERVICES=""
GLOBAL_SERVICES=""
LOCAL_PORTS=""
GLOBAL_PORTS=""

echo Setting up firwall for - $HOSTNAME

case $HOSTNAME in
    xora-zotac)
        LOCAL_SERVICES="ssh rdp samba"
        GLOBAL_SERVICES="dhcpv6-client ssh"
        ;;
    xora-acepc)
        LOCAL_SERVICES="ssh rdp samba"
        LOCAL_PORTS="9091/tcp 9443/tcp"
        GLOBAL_SERVICES="dhcpv6-client ssh"
        GLOBAL_PORTS="9443/tcp"
        ;;
esac

sudo firewall-cmd --permanent --delete-zone=beaky-net
sudo firewall-cmd --permanent --new-zone=beaky-net
sudo firewall-cmd --permanent --zone=beaky-net --add-source=192.168.222.0/20
sudo firewall-cmd --permanent --zone=beaky-net --add-source=2a02:8010:64d6::/48

# LOCAL SERVICES
for SERVICE in $LOCAL_SERVICES
do
    echo adding local service: $SERVICE
	sudo firewall-cmd --permanent --zone=beaky-net --add-service=$SERVICE
done

# LOCAL PORTS
for PORT in $LOCAL_PORTS
do
    echo adding local port: $PORT
    sudo firewall-cmd --permanent --zone=beaky-net --add-port=$PORT
done

# CLEAN GLOBAL SERVICES
CUR_GLOB_SERVICES=`sudo firewall-cmd --zone=public --list-services`
for SERVICE in $CUR_GLOB_SERVICES
do
    echo removing public service: $SERVICE
    sudo firewall-cmd --permanent --zone=public --remove-service=$SERVICE
done

# GLOBAL SERVICES
for SERVICE in $GLOBAL_SERVICES
do
    echo adding public service: $SERVICE
	sudo firewall-cmd --permanent --zone=public --add-service=$SERVICE
done

# CLEAN GLOBAL PORTS
CUR_GLOB_PORTS=`sudo firewall-cmd --zone=public --list-ports`
for PORT in $CUR_GLOB_PORTS
do
    echo removing public port: $PORT
    sudo firewall-cmd --permanent --zone=public --remove-port=$PORT
done

# GLOBAL PORTS
for PORT in $GLOBAL_PORTS
do
    echo adding public port: $PORT
	sudo firewall-cmd --permanent --zone=public --add-port=$PORT
done