#!/bin/sh
# By Brielle Bruns <bruns@2mbit.com>
# URL: http://www.sosdg.org/freestuff/firewall
# License: GPLv3
#
#    Copyright (C) 2009 - 2010  Brielle Bruns
#    Copyright (C) 2009 - 2010  The Summit Open Source Development Group
#
#    This program is free software: you can redistribute it and/or modify
#    it under the terms of the GNU General Public License as published by
#    the Free Software Foundation, either version 3 of the License, or
#    (at your option) any later version.
#
#    This program is distributed in the hope that it will be useful,
#    but WITHOUT ANY WARRANTY; without even the implied warranty of
#    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
#    GNU General Public License for more details.
#    You should have received a copy of the GNU General Public License
#    along with this program.  If not, see <http://www.gnu.org/licenses/>.
# display_c $COLOR $TEXT BOOL(YN)
# $COLOR being bash colors
# $TEXT being what to output (make sure to put " " around text)
# BOOL being (Y or N) to do newline at end or not
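display_c() {
	# Print TEXT in the colour named by COLOR, followed by the sequence that
	# restores the default foreground colour.
	#
	# Arguments:
	#   $1 - colour name, resolved by pick_color
	#   $2 - text to print; backslash escapes in it are expanded on output,
	#        so only pass text the script itself controls
	#   $3 - "N" suppresses the trailing newline; anything else keeps it
	# Globals written: COLOR_CODE, TEXT, NEWLINE, DEFAULT_COLOR
	unset COLOR_CODE TEXT NEWLINE
	DEFAULT_COLOR="\E[39m"
	# Quoted so the colour argument reaches pick_color as exactly one word
	# (no word splitting, no pathname expansion).
	COLOR_CODE=$(pick_color "$1")
	TEXT="$2"
	# printf '%b' expands the same escapes as "echo -e" but never treats the
	# data as an option.
	if [ "$3" = "N" ]; then
		NEWLINE="-n"
		printf '%b' "$COLOR_CODE$TEXT$DEFAULT_COLOR"
	else
		printf '%b\n' "$COLOR_CODE$TEXT$DEFAULT_COLOR"
	fi
}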
# display_m $COLOR(IGNORED) $TEXT BOOL(YN)
# Non-color version of display_c
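display_m() {
	# Print TEXT without any colour sequences; same call shape as display_c.
	#
	# Arguments:
	#   $1 - colour name, ignored
	#   $2 - text to print; backslash escapes in it are expanded on output,
	#        so only pass text the script itself controls
	#   $3 - "N" suppresses the trailing newline; anything else keeps it
	# Globals written: TEXT, NEWLINE
	unset TEXT NEWLINE
	TEXT="$2"
	# printf '%b' expands the same escapes as "echo -e", but text such as
	# "-n" or "-e" is printed instead of being consumed as an echo option.
	if [ "$3" = "N" ]; then
		NEWLINE="-n"
		printf '%b' "$TEXT"
	else
		printf '%b\n' "$TEXT"
	fi
}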
# pick_color $COLOR
# returns appropriate color codes for use in display_c and such
pick_color() {
	# Translate a colour name ($1) into its escape sequence, store it in the
	# global COLOR and print it on stdout. The sequence is printed in its
	# literal backslash form (\E[..m); the caller expands it on output.
	# Unknown or missing names fall back to the GREY sequence.
	local sgr
	case "$1" in
		RED)    sgr=31 ;;
		GREEN)  sgr=32 ;;
		YELLOW) sgr=33 ;;
		BLUE)   sgr=34 ;;
		PURPLE) sgr=35 ;;
		AQUA)   sgr=36 ;;
		WHITE)  sgr=1 ;;
		*)      sgr=37 ;;
	esac
	COLOR="\E[${sgr}m"
	printf '%s\n' "$COLOR"
}
# reset_color
reset_color() {
	# Emit the sequence that switches back to the default foreground colour.
	#
	# Arguments:
	#   $1 - "N" suppresses the trailing newline; anything else keeps it
	# Globals written: DEFAULT_COLOR (always); NEWLINE is cleared first and
	# set to "-n" only when $1 is "N".
	unset NEWLINE
	DEFAULT_COLOR="\E[39m"
	case "$1" in
		N)
			NEWLINE="-n"
			printf '%b' "$DEFAULT_COLOR"
			;;
		*)
			printf '%b\n' "$DEFAULT_COLOR"
			;;
	esac
}
# iptables_rules_flush (ipv6|ipv4)
# Clear all rules from iptables. Be very careful about how this is called, as it
# could easily lock the user out of the network. The safest approach is to
# call iptables_policy_reset first, then this function.
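iptables_rules_flush() {
	# Flush the rules of the selected address family.
	#
	# Arguments:
	#   $1 - "ipv6" selects $IP6TABLES; "ipv4" or any other value selects
	#        $IPTABLES
	# Globals read:    IPTABLES, IP6TABLES, NAT
	# Globals written: IP_VERSION, VER_IPTABLES
	# Returns: the status of the last flush command only.
	#
	# The family must be read from $1. Inside a function $0 is still the
	# script name, so it can never equal "ipv6" or "ipv4": a request to
	# flush IPv6 would act on the IPv4 tables and leave the IPv6 rules in
	# place, and the nat table would never be flushed.
	IP_VERSION=$1
	case "$IP_VERSION" in
		ipv6) VER_IPTABLES=$IP6TABLES ;;
		ipv4|*) VER_IPTABLES=$IPTABLES ;;
	esac
	# NOTE(review): stdout and stderr of every call are discarded, so a
	# flush that fails part-way is silent; verify the resulting rule set
	# separately if the outcome matters.
	# $VER_IPTABLES is deliberately unquoted so that a configured command
	# carrying options is still split into words.
	$VER_IPTABLES --flush >/dev/null 2>&1
	$VER_IPTABLES -F OUTPUT >/dev/null 2>&1
	$VER_IPTABLES -F PREROUTING >/dev/null 2>&1
	$VER_IPTABLES -F POSTROUTING >/dev/null 2>&1
	$VER_IPTABLES -F -t mangle >/dev/null 2>&1
	# The nat table is only flushed for IPv4, and only when NAT is set.
	if [ -n "$NAT" ] && [ "$IP_VERSION" = "ipv4" ]; then
		$VER_IPTABLES -F -t nat >/dev/null 2>&1
	fi
	$VER_IPTABLES -F -t raw >/dev/null 2>&1
}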
# iptables_policy_reset (ipv6|ipv4) (ACCEPT|DROP)
# Sets all policy rules to either ACCEPT or DROP for ipv4 or ipv6
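iptables_policy_reset() {
	# Set the default policy of the INPUT, OUTPUT and FORWARD chains for the
	# selected address family.
	#
	# Arguments:
	#   $1 - "ipv6" selects $IP6TABLES; "ipv4" or any other value selects
	#        $IPTABLES
	#   $2 - policy to apply (ACCEPT or DROP); defaults to ACCEPT
	# Globals read:    IPTABLES, IP6TABLES
	# Globals written: IP_VERSION, SET_POLICY, VER_IPTABLES
	#
	# The family is $1 and the policy is $2. Inside a function $0 is still
	# the script name, so reading the family from it always selected the
	# IPv4 binary, and reading the policy from $1 passed the family name to
	# --policy instead of ACCEPT/DROP.
	IP_VERSION=$1
	# An omitted policy means ACCEPT, i.e. the chains are opened; callers
	# that want a closed default must pass DROP explicitly.
	SET_POLICY=${2:-ACCEPT}
	case "$IP_VERSION" in
		ipv6) VER_IPTABLES=$IP6TABLES ;;
		ipv4|*) VER_IPTABLES=$IPTABLES ;;
	esac
	# $VER_IPTABLES is deliberately unquoted so that a configured command
	# carrying options is still split into words.
	$VER_IPTABLES --policy INPUT "$SET_POLICY"
	$VER_IPTABLES --policy OUTPUT "$SET_POLICY"
	$VER_IPTABLES --policy FORWARD "$SET_POLICY"
}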
# show_help
# Show command line options help
show_help() {
	# Print the banner (program name with FW_VERSION, author, URL and the
	# licence notice) followed by the supported command line options.
	# Backslash escapes in the text (the \t between an option and its
	# description) are expanded on output.
	printf '%b\n' "Firewall/SOSDG ${FW_VERSION}
	 	Brielle Bruns <bruns@2mbit.com>
 		http://www.sosdg.org/freestuff/firewall
 		This program comes with ABSOLUTELY NO WARRANTY.
 		This is free software, and you are welcome to 
 		redistribute it under certain conditions.
 		
 		--help\t\tShows this info
 		--flush\t\tFlushes all rules back to default ACCEPT
 		"
}