Strona główna Odkrywaj Pomoc
Zaloguj się
yosoyhendrix
/
vesta
1
0
Forkuj 0
Pliki Problemy 0 Oczekujące zmiany 0 Wiki
Drzewo: 1d10dbdc4d
Gałęzie Tagi
vesta
/
bin
/
v-add-firewall-rule

v-add-firewall-rule 2.4 KB
Historia Czysty

1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950515253545556575859606162636465666768697071727374757677787980818283848586878889 
  1. #!/bin/bash
    2. 

  2. # info: add firewall rule
    3. 

  3. # options: ACTION IP PORT [PROTOCOL] [COMMENT] [RULE]
    4. 

  4. #
    5. 

  5. # The function adds new rule to system firewall
    6. 

  6. 

  7. 

  8. #----------------------------------------------------------#
    9. 

  9. #                    Variable&Function                     #
    10. 

  10. #----------------------------------------------------------#
    11. 

  11. 

  12. # Importing system variables
    13. 

  13. source /etc/profile
    14. 

  14. 

  15. # Argument definition
    16. 

  16. action=$(echo $1|tr '[:lower:]' '[:upper:]')
    17. 

  17. ip=$2
    18. 

  18. port_ext=$3
    19. 

  19. protocol=${4-TCP}
    20. 

  20. protocol=$(echo $protocol|tr '[:lower:]' '[:upper:]')
    21. 

  21. comment=$5
    22. 

  22. rule=$6
    23. 

  23. 

  24. # Includes
    25. 

  25. source $VESTA/func/main.sh
    26. 

  26. source $VESTA/conf/vesta.conf
    27. 

  27. 

  28. # Get next firewall rule id
    29. 

  29. get_next_fw_rule() {
    30. 

  30.     if [ -z "$rule" ]; then
    31. 

  31.         curr_str=$(grep "RULE=" $VESTA/data/firewall/rules.conf |\
    32. 

  32.          cut -f 2 -d \' | sort -n | tail -n1)
    33. 

  33.         rule="$((curr_str +1))"
    34. 

  34.     fi
    35. 

  35. }
    36. 

  36. 

  37. sort_fw_rules() {
    38. 

  38.     cat $VESTA/data/firewall/rules.conf |\
    39. 

  39.         sort -n -k 2 -t \' > $VESTA/data/firewall/rules.conf.tmp
    40. 

  40.     mv -f $VESTA/data/firewall/rules.conf.tmp \
    41. 

  41.         $VESTA/data/firewall/rules.conf
    42. 

  42. }
    43. 

  43. 

  44. 

  45. #----------------------------------------------------------#
    46. 

  46. #                    Verifications                         #
    47. 

  47. #----------------------------------------------------------#
    48. 

  48. 

  49. check_args '3' "$#" 'ACTION IP PORT [PROTOCOL] [COMMENT] [RULE]'
    50. 

  50. validate_format 'action' 'protocol' 'port_ext' 'ip'
    51. 

  51. is_system_enabled "$FIREWALL_SYSTEM" 'FIREWALL_SYSTEM'
    52. 

  52. get_next_fw_rule
    53. 

  53. validate_format 'rule'
    54. 

  54. is_object_new '../../data/firewall/rules' 'RULE' "$rule"
    55. 

  55. if [ ! -z "$comment" ]; then
    56. 

  56.     validate_format 'comment'
    57. 

  57. fi
    58. 

  58. 

  59. 

  60. #----------------------------------------------------------#
    61. 

  61. #                       Action                             #
    62. 

  62. #----------------------------------------------------------#
    63. 

  63. 

  64. # Concatenating rule
    65. 

  65. str="RULE='$rule' ACTION='$action' PROTOCOL='$protocol' PORT='$port_ext'"
    66. 

  66. str="$str IP='$ip' COMMENT='$comment' SUSPENDED='no'"
    67. 

  67. str="$str TIME='$TIME' DATE='$DATE'"
    68. 

  68. 

  69. # Adding to config
    70. 

  70. echo "$str" >> $VESTA/data/firewall/rules.conf
    71. 

  71. 

  72. # Changing permissions
    73. 

  73. chmod 660 $VESTA/data/firewall/rules.conf
    74. 

  74. 

  75. # Sorting firewall rules by id number
    76. 

  76. sort_fw_rules
    77. 

  77. 

  78. # Updating system firewall
    79. 

  79. $BIN/v-update-firewall
    80. 

  80. 

  81. 

  82. #----------------------------------------------------------#
    83. 

  83. #                       Vesta                              #
    84. 

  84. #----------------------------------------------------------#
    85. 

  85. 

  86. # Logging
    87. 

  87. log_event "$OK" "$EVENT"
    88. 

  88. 

  89. exit
    90.