From c9c815b3b81ed85c0470631c2c665d5615a9a82f Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Ricardo=20Leite=20Gon=C3=A7alves?=
Date: Tue, 20 Jul 2021 06:13:01 +0000
Subject: [PATCH] Added /etc/network/firewall/trustedips.conf,trustedips6.conf
---
 README.md | 2 +-
 install.sh | 14 ++++++++++++++
 2 files changed, 15 insertions(+), 1 deletion(-)
diff --git a/README.md b/README.md
index 400484d..cd0011b 100644
--- a/README.md
+++ b/README.md
@@ -1,3 +1,3 @@
 # firewall
-Scripts de firewall iptables compatíveis com docker e com fail2log.
\ No newline at end of file
+Scripts de firewall iptables compatíveis com docker e com fail2ban.
diff --git a/install.sh b/install.sh
index 3fbc7fd..9ded030 100755
--- a/install.sh
+++ b/install.sh
@@ -5,6 +5,7 @@ if [ "$USER" != "root" ] ; then
 exit 1
 fi
+
 #if [ "X$(which dialog)" == "X" ]; then
 # apt -y install dialog
 #fi
@@ -17,6 +18,19 @@ if [ ! -d /etc/network/firewall ] ; then
 mkdir -p /etc/network/firewall
 fi
+trusted=/etc/network/firewall/trustedips.conf
+trusted6=/etc/network/firewall/trustedips6.conf
+
+if [ ! -f $trusted ]; then
+ # Include all local ipv4 ips (but commented), and open localhost ipv4.
+ ip a | grep " inet " | sed -e 's|^.*inet |#|g' -e 's|\/.*$||g' -e 's|^#127.0.0.1$|127.0.0.1|g' >> $trusted
+fi
+
+if [ ! -f $trusted6 ]; then
+ # Include all local ipv6 ips (but commented) and open the localhost ipv6.
+ ip a | grep " inet6 " | sed -e 's|^.*inet6 |#|g' -e 's|\/.*$||g' -e 's|^#::1$|::1|g' >> $trusted6
+fi
+
 cp -v firewall.service /etc/systemd/system/
 cp -v firewall-init.service /etc/systemd/system/
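Review bot: In the two new `if [ ! -f $trusted ]` / `if [ ! -f $trusted6 ]` blocks of install.sh, the `>>` redirection creates the trust list even when `ip a` is missing or fails, so a broken run leaves an empty file that the `-f` guard never regenerates, and the loopback entry (`127.0.0.1` / `::1`) the comments promise to open is silently absent. No `set -o pipefail` is visible in this hunk, so the pipeline reports only the status of `sed`; a check after each block such as `[ -s "$trusted" ] || echo "warning: $trusted is empty" >&2` would surface the failure. Because these files decide which sources the firewall treats as trusted, I would also quote the expansions (`"$trusted"`, `"$trusted6"`) and set ownership and mode explicitly, e.g. `chmod 0644 "$trusted" "$trusted6"`, instead of inheriting the installer's umask. How the firewall scripts consume these files is not shown here, so the effect of an empty list is an assumption to confirm.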