Home Verkennen Help
Inloggen
yosoyhendrix
/
vesta
1
0
Vork 0
Bestanden Issues 0 Pull-aanvragen 0 Wiki
Aftakking: revert-1065-patch-12
Aftakkingen Labels
vesta
/
bin
/
v-change-firewall-rule

v-change-firewall-rule 2.4 KB
Permalink Geschiedenis Ruwe

12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849505152535455565758596061626364656667686970717273747576777879808182838485 
  1. #!/bin/bash
    2. 

  2. # info: change firewall rule
    3. 

  3. # options: RULE ACTION IP PORT [PROTOCOL] [COMMENT]
    4. 

  4. #
    5. 

  5. # The function is used for changing existing firewall rule.
    6. 

  6. # It fully replace rule with new one but keeps same id.
    7. 

  7. 

  8. 

  9. #----------------------------------------------------------#
    10. 

  10. #                    Variable&Function                     #
    11. 

  11. #----------------------------------------------------------#
    12. 

  12. 

  13. # Importing system variables
    14. 

  14. source /etc/profile
    15. 

  15. 

  16. # Argument definition
    17. 

  17. rule=$1
    18. 

  18. action=$(echo $2|tr '[:lower:]' '[:upper:]')
    19. 

  19. ip=$3
    20. 

  20. port_ext=$4
    21. 

  21. protocol=${5-TCP}
    22. 

  22. protocol=$(echo $protocol|tr '[:lower:]' '[:upper:]')
    23. 

  23. comment=$6
    24. 

  24. 

  25. # Includes
    26. 

  26. source $VESTA/func/main.sh
    27. 

  27. source $VESTA/conf/vesta.conf
    28. 

  28. 

  29. # Sort function
    30. 

  30. sort_fw_rules() {
    31. 

  31.     cat $VESTA/data/firewall/rules.conf |\
    32. 

  32.         sort -n -k 2 -t \' > $VESTA/data/firewall/rules.conf.tmp
    33. 

  33.     mv -f $VESTA/data/firewall/rules.conf.tmp \
    34. 

  34.         $VESTA/data/firewall/rules.conf
    35. 

  35. }
    36. 

  36. 

  37. 

  38. #----------------------------------------------------------#
    39. 

  39. #                    Verifications                         #
    40. 

  40. #----------------------------------------------------------#
    41. 

  41. 

  42. check_args '5' "$#" 'RULE ACTION IP  PORT [PROTOCOL] [COMMENT]'
    43. 

  43. is_format_valid 'rule' 'action' 'protocol' 'port_ext' 'ip'
    44. 

  44. if [ ! -z "$comment" ]; then
    45. 

  45.     is_format_valid 'comment'
    46. 

  46. fi
    47. 

  47. is_system_enabled "$FIREWALL_SYSTEM" 'FIREWALL_SYSTEM'
    48. 

  48. is_object_valid '../../data/firewall/rules' 'RULE' "$rule"
    49. 

  49. 

  50. 

  51. #----------------------------------------------------------#
    52. 

  52. #                       Action                             #
    53. 

  53. #----------------------------------------------------------#
    54. 

  54. 

  55. # Generating timestamp
    56. 

  56. time_n_date=$(date +'%T %F')
    57. 

  57. time=$(echo "$time_n_date" |cut -f 1 -d \ )
    58. 

  58. date=$(echo "$time_n_date" |cut -f 2 -d \ )
    59. 

  59. 

  60. # Concatenating firewall rule
    61. 

  61. str="RULE='$rule' ACTION='$action' PROTOCOL='$protocol' PORT='$port_ext'"
    62. 

  62. str="$str IP='$ip' COMMENT='$comment' SUSPENDED='no'"
    63. 

  63. str="$str TIME='$time' DATE='$date'"
    64. 

  64. 

  65. # Deleting old rule
    66. 

  66. sed -i "/RULE='$rule' /d" $VESTA/data/firewall/rules.conf
    67. 

  67. 

  68. # Adding new
    69. 

  69. echo "$str" >> $VESTA/data/firewall/rules.conf
    70. 

  70. 

  71. # Sorting firewall rules by id number
    72. 

  72. sort_fw_rules
    73. 

  73. 

  74. # Updating system firewall
    75. 

  75. $BIN/v-update-firewall
    76. 

  76. 

  77. 

  78. #----------------------------------------------------------#
    79. 

  79. #                       Vesta                              #
    80. 

  80. #----------------------------------------------------------#
    81. 

  81. 

  82. # Logging
    83. 

  83. log_event "$OK" "$ARGUMENTS"
    84. 

  84. 

  85. exit
    86.