random-scripts/firewall-setup.sh


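#! /bin/sh
# Per-host firewalld configuration.
#
# Rebuilds the "beaky-net" zone (sources treated as the local network) and
# resets the "public" zone so that each ends up holding exactly the services
# and ports listed for this host in the case statement below. Every change is
# made with --permanent, i.e. written to the stored configuration.
#
# Requires: sudo, firewall-cmd.

HOSTNAME=$(hostname)
LOCAL_ZONE="beaky-net"
LOCAL_SERVICES=""
GLOBAL_SERVICES=""
LOCAL_PORTS=""
GLOBAL_PORTS=""

printf 'Setting up firewall for - %s\n' "$HOSTNAME"

# Per-host allow-lists. "LOCAL" entries go into $LOCAL_ZONE, "GLOBAL" entries
# into the public zone. Note that ssh stays reachable from the public zone on
# both hosts.
case "$HOSTNAME" in
xora-zotac)
  LOCAL_SERVICES="ssh rdp samba"
  GLOBAL_SERVICES="dhcpv6-client ssh"
  ;;
xora-acepc)
  LOCAL_SERVICES="ssh rdp samba"
  LOCAL_PORTS="9091/tcp 9443/tcp"
  GLOBAL_SERVICES="dhcpv6-client ssh"
  GLOBAL_PORTS="9443/tcp"
  ;;
*)
  # Without a profile every list is empty, and the clean-up loops below would
  # strip all services (ssh included) from the public zone. Refuse to touch
  # the firewall rather than risk locking the machine out.
  printf 'No firewall profile defined for host %s; leaving firewalld untouched\n' \
    "$HOSTNAME" >&2
  exit 1
  ;;
esac

# Recreate the local zone from scratch so entries from earlier runs do not
# linger. The delete reports an error on the first run, when the zone does not
# exist yet; that is expected and its status is deliberately not checked.
sudo firewall-cmd --permanent --delete-zone="$LOCAL_ZONE"
if ! sudo firewall-cmd --permanent --new-zone="$LOCAL_ZONE"; then
  # Zone could not be created (stale zone still present, sudo or firewalld
  # failure): stop instead of layering new rules on an unknown state.
  printf 'Could not create zone %s; aborting\n' "$LOCAL_ZONE" >&2
  exit 1
fi

# NOTE(review): 192.168.222.0 is not the base address of a /20. With this mask
# the trusted range is 192.168.208.0 - 192.168.223.255 (4096 addresses), which
# is wider than the 192.168.222.x network the address suggests. Confirm whether
# /24 was intended before relying on this zone as "local only".
sudo firewall-cmd --permanent --zone="$LOCAL_ZONE" --add-source=192.168.222.0/20
sudo firewall-cmd --permanent --zone="$LOCAL_ZONE" --add-source=2a02:8010:64d6::/48

# LOCAL SERVICES
# The list variables are expanded unquoted on purpose: they are
# space-separated lists and rely on word splitting.
for SERVICE in $LOCAL_SERVICES
do
  printf 'adding local service: %s\n' "$SERVICE"
  sudo firewall-cmd --permanent --zone="$LOCAL_ZONE" --add-service="$SERVICE"
done

# LOCAL PORTS
for PORT in $LOCAL_PORTS
do
  printf 'adding local port: %s\n' "$PORT"
  sudo firewall-cmd --permanent --zone="$LOCAL_ZONE" --add-port="$PORT"
done

# CLEAN GLOBAL SERVICES
# List the *permanent* configuration, because that is what the removals below
# edit. Listing the runtime configuration instead would miss services that
# exist only in the stored config and leave them exposed after a reload.
CUR_GLOB_SERVICES=$(sudo firewall-cmd --permanent --zone=public --list-services)
for SERVICE in $CUR_GLOB_SERVICES
do
  printf 'removing public service: %s\n' "$SERVICE"
  sudo firewall-cmd --permanent --zone=public --remove-service="$SERVICE"
done

# GLOBAL SERVICES
for SERVICE in $GLOBAL_SERVICES
do
  printf 'adding public service: %s\n' "$SERVICE"
  sudo firewall-cmd --permanent --zone=public --add-service="$SERVICE"
done

# CLEAN GLOBAL PORTS
# Same reasoning as for services: read the permanent port list.
CUR_GLOB_PORTS=$(sudo firewall-cmd --permanent --zone=public --list-ports)
for PORT in $CUR_GLOB_PORTS
do
  printf 'removing public port: %s\n' "$PORT"
  sudo firewall-cmd --permanent --zone=public --remove-port="$PORT"
done

# GLOBAL PORTS
for PORT in $GLOBAL_PORTS
do
  printf 'adding public port: %s\n' "$PORT"
  sudo firewall-cmd --permanent --zone=public --add-port="$PORT"
done

# NOTE(review): everything above is --permanent only and nothing in this
# listing reloads firewalld, so the running ruleset stays as it was until
# `sudo firewall-cmd --reload` or a service restart. Confirm that is intended,
# and verify the result with `firewall-cmd --list-all-zones` after reloading.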