Completely revamped the firewall script.

- Taking input params while executing the script instead of choosing an option.
  - Created separate functions for each profile.
  - Calling profile functions in switch-case now.
K
2025-09-08 05:30:09 +05:30
parent e6ddddd369
commit b90dbce551
+73 -25
@@ -1,56 +1,104 @@
#!/bin/bash #!/bin/bash
echo -e "--- MAIN MENU ---\n1. Home profile\n2. Public profile\n3. PANIC MODE\n4. Exit" INPUT_PARAM=$1
read -p "Choose an option: " optn
line="--------------------------------------------" line="--------------------------------------------"
case $optn in # param check
1) # Home profile if [ -z "$1" ]; then
for i in {0..5} echo -e "No parameter passed.\nAvailable parameters are:\n\thome -> Switches to home profile\n\tpublic -> Switches to public profile\n\tpanic -> Switches to PANIC profile (blocks all incoming, outgoing and routed connections)"
do exit 1
fi
existing_check() {
if [ $(sudo ufw status | wc -l) -gt 1 ] && sudo ufw status | grep -q "ALLOW"; then
echo 'Existing rules found. Deleting...'
while true; do
yes | sudo ufw delete 1 yes | sudo ufw delete 1
if [ $(sudo ufw status | wc -l) -eq 1 ]; then
echo 'Deleted all existing allowed connections.'
break
fi
done done
return 0
else
return 0
fi
return 1
}
home() {
echo -e "Applying home profile...\n$line"
existing_check
status=$?
if [ $status -eq 0 ]; then
sudo ufw default deny incoming sudo ufw default deny incoming
sudo ufw default allow outgoing sudo ufw default allow outgoing
sudo ufw status verbose sudo ufw status verbose
sudo ufw allow in from any to any port 1714:1764 proto tcp # KDE TCP sudo ufw allow in from any to any port 1714:1764 proto tcp # KDE TCP
sudo ufw allow in from any to any port 1714:1764 proto udp # KDE UDP sudo ufw allow in from any to any port 1714:1764 proto udp # KDE UDP
sudo ufw allow in from 192.168.219.0/24 to any port 22000 # Syncthing TCP sudo ufw allow in from 192.168.255.0/24 to any port 22000 # Syncthing TCP
sudo ufw allow in from 192.168.219.0/24 to any port 21027 proto udp # Syncthing UDP sudo ufw allow in from 192.168.255.0/24 to any port 21027 proto udp # Syncthing UDP
sudo ufw reload sudo ufw reload
echo "$line" echo "$line"
sudo ufw status verbose sudo ufw status verbose
echo "$line" echo "$line"
;; echo -e "Home profile applied."
2) # Public profile else
for i in {0..5} echo 'Something went wrong'
do exit 1
yes | sudo ufw delete 1 fi
done }
public() {
echo -e "Applying public profile...\n$line"
existing_check
status=$?
if [ $status -eq 0 ]; then
sudo ufw default deny incoming sudo ufw default deny incoming
sudo ufw default allow outgoing sudo ufw default allow outgoing
sudo ufw reload sudo ufw reload
echo "$line" echo "$line"
sudo ufw status verbose sudo ufw status verbose
echo "$line" echo "$line"
;; echo 'Applied public profile.'
3) # Panic mode else
for i in {0..7} echo 'Something went wrong'
do exit 1
yes | sudo ufw delete 1 fi
done }
panic() {
echo -e "Appling PANIC profile...\n$line"
existing_check
status=$?
if [ $status -eq 0 ]; then
sudo ufw default deny incoming sudo ufw default deny incoming
sudo ufw default deny outgoing sudo ufw default deny outgoing
sudo ufw reload sudo ufw reload
echo "$line" echo "$line"
sudo ufw status verbose sudo ufw status verbose
echo "$line" echo "$line"
echo 'PANIC profile applied.'
else
echo 'Something went wrong'
exit 1
fi
}
case ${INPUT_PARAM,,} in
home)
home
;; ;;
4) # Exit public)
echo '## END OF SCRIPT' public
exit 0
;; ;;
*) # Default panic)
echo 'Please choose a valid option (1-4).' panic
;; ;;
esac esac
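Review bot: The `case ${INPUT_PARAM,,}` dispatch at the end has no `*)` arm, so a mistyped argument (anything other than home/public/panic) falls through and the script exits 0 without changing any rule, which is a risky failure mode for a panic switch; a default arm such as `*) echo "Unknown parameter: $1" >&2; exit 1 ;;` would make that visible. `panic()` also sets only the incoming and outgoing defaults although the usage text says routed connections are blocked as well; adding `sudo ufw default deny routed` would make the two agree. `existing_check` returns 0 on both branches (the trailing `return 1` is unreachable), so the 'Something went wrong' branches in `home`, `public` and `panic` can never run, and its `while true` loop has no exit if `ufw delete 1` fails or `ufw status` never shrinks to one line. None of the `ufw` calls has its exit status checked, so 'PANIC profile applied.' is printed even when a command failed; checking at least the `default` and `reload` calls before reporting success would be worth adding.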