You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
47 lines
1.2 KiB
47 lines
1.2 KiB
#!/bin/bash
|
|
|
|
if [ "$USER" != "root" ] ; then
|
|
printf "Are you root? \nsudo ./install.sh\n"
|
|
exit 1
|
|
fi
|
|
|
|
|
|
#if [ "X$(which dialog)" == "X" ]; then
|
|
# apt -y install dialog
|
|
#fi
|
|
|
|
if [ "X$(which fail2ban-client)" == "X" ]; then
|
|
apt -y install fail2ban
|
|
fi
|
|
|
|
if [ ! -d /etc/network/firewall ] ; then
|
|
mkdir -p /etc/network/firewall
|
|
fi
|
|
|
|
trusted=/etc/network/firewall/trustedips.conf
|
|
trusted6=/etc/network/firewall/trustedips6.conf
|
|
|
|
if [ ! -f $trusted ]; then
|
|
# Include all local ipv4 ips (but commented), and open localhost ipv4.
|
|
ip a | grep " inet " | sed -e 's|^.*inet |#|g' -e 's|\/.*$||g' -e 's|^#127.0.0.1$|127.0.0.1|g' >> $trusted
|
|
fi
|
|
|
|
if [ ! -f $trusted6 ]; then
|
|
# Include all local ipv6 ips (but commented) and open the localhost ipv6.
|
|
ip a | grep " inet6 " | sed -e 's|^.*inet6 |#|g' -e 's|\/.*$||g' -e 's|^#::1$|::1|g' >> $trusted6
|
|
fi
|
|
|
|
cp -v firewall.service /etc/systemd/system/
|
|
cp -v firewall-init.service /etc/systemd/system/
|
|
|
|
systemctl enable firewall.service
|
|
systemctl enable firewall-init.service
|
|
|
|
if [ ! -f /etc/network/firewall/rules.sh ] ; then
|
|
cp -v rules.sh /etc/network/firewall/
|
|
fi
|
|
|
|
if [ ! -f /etc/network/firewall/init.sh ] ; then
|
|
cp -v init.sh /etc/network/firewall/
|
|
fi
|
|
|