Home Explore Help
Sign In
yosoyhendrix
/
vesta
1
0
Fork 0
Files Issues 0 Pull Requests 0 Wiki
Tree: 1d10dbdc4d
Branches Tags
vesta
/
bin
/
v-change-firewall-rule

v-change-firewall-rule 2.2 KB
History Raw

1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950515253545556575859606162636465666768697071727374757677787980 
  1. #!/bin/bash
    2. 

  2. # info: change firewall rule
    3. 

  3. # options: RULE ACTION IP PORT [PROTOCOL] [COMMENT]
    4. 

  4. #
    5. 

  5. # The function is used for changing existing firewall rule.
    6. 

  6. # It fully replace rule with new one but keeps same id.
    7. 

  7. 

  8. 

  9. #----------------------------------------------------------#
    10. 

  10. #                    Variable&Function                     #
    11. 

  11. #----------------------------------------------------------#
    12. 

  12. 

  13. # Importing system variables
    14. 

  14. source /etc/profile
    15. 

  15. 

  16. # Argument definition
    17. 

  17. rule=$1
    18. 

  18. action=$(echo $2|tr '[:lower:]' '[:upper:]')
    19. 

  19. ip=$3
    20. 

  20. port_ext=$4
    21. 

  21. protocol=${5-TCP}
    22. 

  22. protocol=$(echo $protocol|tr '[:lower:]' '[:upper:]')
    23. 

  23. comment=$6
    24. 

  24. 

  25. # Includes
    26. 

  26. source $VESTA/func/main.sh
    27. 

  27. source $VESTA/conf/vesta.conf
    28. 

  28. 

  29. # Sort function
    30. 

  30. sort_fw_rules() {
    31. 

  31.     cat $VESTA/data/firewall/rules.conf |\
    32. 

  32.         sort -n -k 2 -t \' > $VESTA/data/firewall/rules.conf.tmp
    33. 

  33.     mv -f $VESTA/data/firewall/rules.conf.tmp \
    34. 

  34.         $VESTA/data/firewall/rules.conf
    35. 

  35. }
    36. 

  36. 

  37. 

  38. #----------------------------------------------------------#
    39. 

  39. #                    Verifications                         #
    40. 

  40. #----------------------------------------------------------#
    41. 

  41. 

  42. check_args '5' "$#" 'RULE ACTION IP  PORT [PROTOCOL] [COMMENT]'
    43. 

  43. validate_format 'rule' 'action' 'protocol' 'port_ext' 'ip'
    44. 

  44. if [ ! -z "$comment" ]; then
    45. 

  45.     validate_format 'comment'
    46. 

  46. fi
    47. 

  47. is_system_enabled "$FIREWALL_SYSTEM" 'FIREWALL_SYSTEM'
    48. 

  48. is_object_valid '../../data/firewall/rules' 'RULE' "$rule"
    49. 

  49. 

  50. 

  51. #----------------------------------------------------------#
    52. 

  52. #                       Action                             #
    53. 

  53. #----------------------------------------------------------#
    54. 

  54. 

  55. # Concatenating firewall rule
    56. 

  56. str="RULE='$rule' ACTION='$action' PROTOCOL='$protocol' PORT='$port_ext'"
    57. 

  57. str="$str IP='$ip' COMMENT='$comment' SUSPENDED='no'"
    58. 

  58. str="$str TIME='$TIME' DATE='$DATE'"
    59. 

  59. 

  60. # Deleting old rule
    61. 

  61. sed -i "/RULE='$rule' /d" $VESTA/data/firewall/rules.conf
    62. 

  62. 

  63. # Adding new
    64. 

  64. echo "$str" >> $VESTA/data/firewall/rules.conf
    65. 

  65. 

  66. # Sorting firewall rules by id number
    67. 

  67. sort_fw_rules
    68. 

  68. 

  69. # Updating system firewall
    70. 

  70. $BIN/v-update-firewall
    71. 

  71. 

  72. 

  73. #----------------------------------------------------------#
    74. 

  74. #                       Vesta                              #
    75. 

  75. #----------------------------------------------------------#
    76. 

  76. 

  77. # Logging
    78. 

  78. log_event "$OK" "$EVENT"
    79. 

  79. 

  80. exit
    81.