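#!/bin/bash
# info: delete firewall chain
# options: CHAIN
#
# The function deletes a fail2ban firewall chain: it drops the chain's
# entries from chains.conf and banlist.conf, removes the INPUT jump rule
# that points at the chain, then flushes and deletes the iptables chain.


#----------------------------------------------------------#
#                    Variable&Function                     #
#----------------------------------------------------------#

# Importing system variables
# NOTE(review): VESTA is presumably exported here; confirm, since every
# path below is built from it.
source /etc/profile

# Argument definition
# Quoted so the raw argument is not word-split or glob-expanded before
# is_format_valid gets to inspect it.
chain=$(printf '%s' "$1" | tr '[:lower:]' '[:upper:]')

# Defining absolute path to iptables
iptables="/sbin/iptables"

# Includes
source "$VESTA/func/main.sh"
source "$VESTA/conf/vesta.conf"


#----------------------------------------------------------#
#                    Verifications                         #
#----------------------------------------------------------#

check_args '1' "$#" 'CHAIN'
is_format_valid 'chain'
is_system_enabled "$FIREWALL_SYSTEM" 'FIREWALL_SYSTEM'


#----------------------------------------------------------#
#                       Action                             #
#----------------------------------------------------------#

# Deleting chain
# $chain is interpolated into grep/sed patterns below; this relies on
# is_format_valid (defined outside this file) restricting it to characters
# that are safe in a regex and a sed address. TODO confirm.
chains="$VESTA/data/firewall/chains.conf"
banlist="$VESTA/data/firewall/banlist.conf"
chain_param=$(grep "CHAIN='$chain'" "$chains" 2>/dev/null)
if [ -n "$chain_param" ]; then
    # NOTE(review): the matched chains.conf line is executed as shell to load
    # PROTOCOL and PORT. Whoever can write chains.conf can therefore run
    # commands with this script's privileges; keep the file restricted (see
    # chmod below) and consider parsing the key='value' pairs without eval.
    eval "$chain_param"
    sed -i "/CHAIN='$chain'/d" "$chains"
    sed -i "/CHAIN='$chain'/d" "$banlist"
    "$iptables" -D INPUT -p "$PROTOCOL" \
        --dport "$PORT" -j "fail2ban-$chain" 2>/dev/null
fi

# Deleting iptables chain
# Uses the validated argument instead of CHAIN: CHAIN is only assigned by the
# eval above, so with no chains.conf entry it would be empty or inherited
# from the environment and the wrong chain name would be flushed/deleted.
"$iptables" -F "fail2ban-$chain" 2>/dev/null
"$iptables" -X "fail2ban-$chain" 2>/dev/null

# Changing permissions
# chains.conf content is eval'd by this script, so it must not be
# world-writable or world-readable.
chmod 660 "$chains"


#----------------------------------------------------------#
#                       Vesta                              #
#----------------------------------------------------------#

# Logging
log_event "$OK" "$ARGUMENTS"

exit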