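#!/bin/bash
#(c) Roy Cohen 23/11/2012 :roy@wondercohen.nl
#original script :http://www.howtoforge.com/bash-script-for-configuring-iptables-firewall
#objective :IPtables administering tool
#last update :29/11/2012
#version :0.2
#
# Interactive, menu-driven front end for iptables: service control through
# the init script, building (-A) and deleting (-D) filter-table rules, and
# saving the result. Must be run as root.
#
# Review notes on this revision:
#  * Every value that reaches iptables is validated (chain and target come
#    from fixed menus; addresses, interface, protocol and port are checked)
#    and passed as a quoted array element, so a typed value or a line in an
#    address file cannot smuggle extra iptables options into the command.
#  * The rule is assembled once from the collected answers; --dport is only
#    emitted together with a protocol that supports it, and an interface
#    match on the OUTPUT chain uses -o (iptables rejects -i there).
#  * "All source networks" (0/0) is no longer treated as a file name.
#  * Rules are saved only after the operator confirmed them and every
#    iptables call succeeded.
#  * "Go back to Main Menu" returns to the menu loop instead of calling
#    main recursively, and end-of-input terminates the script.
#  * The log file is created in the current directory under a predictable
#    name; run the tool from a directory only root can write to.

# Parameters
IPT="/sbin/iptables"
IPT_INIT="/etc/init.d/iptables"
IPTSAVE=("$IPT_INIT" save)

echo

############################### GENERIC HELPERS ###############################

#######################################
# Read one line from stdin into the named variable.
# Arguments: $1 - name of the variable to assign
# Exits the script with status 0 on end-of-input so that a closed stdin
# cannot spin the menu loops.
#######################################
ask() {
  local __line
  read -r __line || { echo; exit 0; }
  printf -v "$1" '%s' "$__line"
}

#######################################
# Read a menu choice, re-prompting until it is a digit in 1..MAX.
# Arguments: $1 - name of the variable to assign
#            $2 - highest valid choice (at most 9)
#######################################
ask_choice() {
  local __pick
  while :; do
    ask __pick
    if [[ $__pick =~ ^[1-9]$ ]] && (( __pick <= $2 )); then
      printf -v "$1" '%s' "$__pick"
      return 0
    fi
    echo -e "Wrong Option Selected!!!"
  done
}

#######################################
# Prompt for a value until the validator accepts it.
# Arguments: $1 - name of the variable to assign
#            $2 - validator function (called with the candidate value)
#            $3 - prompt text (printed with echo -e)
#######################################
ask_valid() {
  local __value
  while :; do
    echo -e "$3"
    ask __value
    if "$2" "$__value"; then
      printf -v "$1" '%s' "$__value"
      return 0
    fi
    echo "Invalid value, please try again."
  done
}

# Print the prompt and return 0 only when the operator answers 1 (Yes).
confirm() {
  local __answer
  echo -e "$1"
  ask __answer
  [[ $__answer == 1 ]]
}

# Wait for the Enter key.
pause() {
  echo -e "Press Enter key to Continue..."
  read -r _ || exit 0
}

#######################################
# Copy stdin to stdout and append it to IpTab_<timestamp>.log in the
# current directory. A symlink at the log path is not followed, because the
# script runs as root and the name is predictable. The check is best-effort
# (there is a window between the test and the open).
#######################################
log_tee() {
  local log
  log="IpTab_$(date +%Y%m%d%H%M).log"
  if [[ -L $log ]]; then
    echo "Not logging: $log is a symbolic link" >&2
    cat
  else
    tee -a -- "$log"
  fi
}

# Print a message and append it to the log.
log_msg() {
  printf '%s\n' "$*" | log_tee
}

# Run a command with its output shown and logged; returns the command's status.
run_logged() {
  "$@" 2>&1 | log_tee
  return "${PIPESTATUS[0]}"
}

############################### INPUT VALIDATION ###############################

# IPv4 address with optional /prefix (0-32); "0/0" style shorthands are
# accepted only in the form the menus generate themselves.
valid_ipv4_net() {
  local addr=${1%%/*} prefix octet
  local -a octets
  if [[ $1 == */* ]]; then
    prefix=${1#*/}
    [[ $prefix =~ ^[0-9]{1,2}$ ]] || return 1
    (( 10#$prefix <= 32 )) || return 1
  fi
  [[ $addr =~ ^[0-9]{1,3}(\.[0-9]{1,3}){3}$ ]] || return 1
  IFS=. read -r -a octets <<<"$addr"
  for octet in "${octets[@]}"; do
    (( 10#$octet <= 255 )) || return 1
  done
  return 0
}

# Interface name: at most 15 characters, must not start with '-';
# a trailing '+' wildcard as understood by iptables is allowed.
valid_iface() {
  [[ $1 =~ ^[A-Za-z0-9][A-Za-z0-9_.:+-]{0,14}$ ]]
}

# Protocol name or number as passed to -p.
valid_proto() {
  [[ $1 =~ ^[a-z0-9]{1,16}$ ]]
}

# Single port or first:last range, each part 0-65535.
valid_port() {
  local part
  local -a parts
  [[ $1 =~ ^[0-9]{1,5}(:[0-9]{1,5})?$ ]] || return 1
  IFS=: read -r -a parts <<<"$1"
  for part in "${parts[@]}"; do
    (( 10#$part <= 65535 )) || return 1
  done
  return 0
}

# Readable regular file (used for the list of source addresses).
valid_source_file() {
  [[ -f $1 && -r $1 ]]
}

# Protocols for which iptables accepts --dport.
port_capable() {
  case "$1" in
    tcp | udp | udplite | sctp | dccp) return 0 ;;
    *) return 1 ;;
  esac
}

############################### IPTABLE SERVICES PROGRAM ###############################

# Run one init-script action between separator lines, then wait for Enter.
service_action() {
  echo -e "*******************************************************\n"
  run_logged "$IPT_INIT" "$1"
  echo -e "\n*******************************************************\n"
  pause
}

#######################################
# Flush all rules of the filter table after an explicit confirmation.
# -F leaves the chain policies untouched: with a DROP policy the flush cuts
# off remote sessions, with an ACCEPT policy it leaves the host unfiltered.
#######################################
flush_rules() {
  if confirm "Flush ALL rules from the filter table? Yes=1 , No=2"; then
    if run_logged "$IPT" -F; then
      echo -e "*******************************************************"
      log_msg "All the Rules from the Iptables are Flushed!!!"
      echo -e "*******************************************************\n"
    fi
  fi
  pause
}

# Service sub-menu; returns to the caller when option 7 is chosen.
checkstatus() {
  local choice
  while :; do
    clear
    echo -e "\n\t*****Note: Save your Iptables before stop/Restart the iptables Services*****\n"
    echo -e " 1. Save the iptables\n 2. Status of Iptables\n 3. Start iptables Services\n 4. Stop iptables Services\n 5. Restart iptable Services\n 6. Flush iptables (**Use Carefully_it will remove all the rules from iptables**)\n 7. Go back to Main Menu"
    ask choice
    case "$choice" in
      1) service_action save ;;
      2) service_action status ;;
      3) service_action start ;;
      4) service_action stop ;;
      5) service_action restart ;;
      6) flush_rules ;;
      7) return 0 ;;
      *) echo -e "Wrong Option Selected!!!" ;;
    esac
  done
}

############################### RULE SPECIFICATION ###############################

#######################################
# Walk the operator through chain, source, interface/destination, protocol,
# port and target. The same dialogue serves both building and deleting.
# Globals written: chain src_mode ip_source opt_int interface ip_dest
#                  proto port rule
# Returns: 0 when a complete specification was collected,
#          1 when the operator chose "Go back to Main Menu".
#######################################
collect_rule_spec() {
  local pick
  chain="" ip_source="" interface="" ip_dest="" proto="" port="" rule=""

  ############### Getting the Chain ############
  clear
  echo -e "Using Which Chain of Filter Table?\n
 1. INPUT
 2. OUTPUT
 3. Forward
 4. Go back to Main Menu"
  ask_choice pick 4
  case "$pick" in
    1) chain="INPUT" ;;
    2) chain="OUTPUT" ;;
    3) chain="FORWARD" ;;
    4) return 1 ;;
  esac

  ######### Getting Source IP Address ##########
  echo -e "Please the Source IP Address\n
 1. Firewall using Single Source IP
 2. Firewall using Source Subnet
 3. Firewall using for All Source Networks
 4. Firewall choose a source file containing ip addesses
 5. Go back to Main Menu"
  ask_choice src_mode 5
  case "$src_mode" in
    1) ask_valid ip_source valid_ipv4_net "\nPlease Enter the IP Address of the Source" ;;
    2) ask_valid ip_source valid_ipv4_net "\nPlease Enter the Source Subnet (e.g 192.168.10.0/24)" ;;
    3) ip_source="0/0" ;;
    4) ask_valid ip_source valid_source_file "\nPlease Enter the file name." ;;
    5) return 1 ;;
  esac

  ############## Chose interface ###############
  echo -e " \nDo you want to Configure a Network Interface or a Destination Networks?\n
 1. Configure a Network Interface
 2. Configure a Destination Networks Only
 3. Go back to Main Menu"
  ask_choice opt_int 3
  case "$opt_int" in
    1) ask_valid interface valid_iface "\nPlease Enter a Network Interface." ;;
    2)
      ######### Getting Destination IP Address ##########
      echo -e "Please Enter the IP Address of the Destination\n
 1. Firewall using Single Destination IP
 2. Firewall using Destination Subnet
 3. Firewall using for All Destination Networks
 4. Go back to Main Menu"
      ask_choice pick 4
      case "$pick" in
        1) ask_valid ip_dest valid_ipv4_net "\nPlease Enter the IP Address of the Destination" ;;
        2) ask_valid ip_dest valid_ipv4_net "\nPlease Enter the Destination Subnet (e.g 192.168.10.0/24)" ;;
        3) ip_dest="0/0" ;;
        4) return 1 ;;
      esac
      ;;
    3) return 1 ;;
  esac

  ############### Getting the Protocol #############
  echo -e "
 1. All Traffic of TCP
 2. Specific TCP Service
 3. Not using a specific Protocol
 4. Go back to Main Menu"
  ask_choice pick 4
  case "$pick" in
    1) proto="tcp" ;;
    # The value is handed to -p, so it has to be a protocol, not a service.
    2) ask_valid proto valid_proto "Enter the Protocol Name (e.g. tcp, udp):" ;;
    3) proto="" ;;
    4) return 1 ;;
  esac

  ############### Getting the Destination Port #############
  if port_capable "$proto"; then
    echo -e "\nConfigure the Destination Port\n
 1. Specific Destination Port
 2. No Destination Port
 3. Go back to Main Menu"
    ask_choice pick 3
    case "$pick" in
      1) ask_valid port valid_port "Enter the Destination Port:" ;;
      2) port="" ;;
      3) return 1 ;;
    esac
  else
    # --dport is only valid together with a port-carrying protocol.
    echo -e "\nNo Destination Port can be matched without tcp/udp/udplite/sctp/dccp."
    port=""
  fi

  ############# What to do With Rule #############
  echo -e "\nWhat to do with Rule?
 1. Accept the Packet
 2. Reject the Packet
 3. Drop the Packet
 4. Create Log
 5. Go back to Main Menu"
  ask_choice pick 5
  case "$pick" in
    1) rule="ACCEPT" ;;
    2) rule="REJECT" ;;
    3) rule="DROP" ;;
    4) rule="LOG" ;;
    5) return 1 ;;
  esac
  return 0
}

#######################################
# Fill SOURCES with the source addresses the rule applies to: the single
# value typed by the operator, or every whitespace-separated entry of the
# chosen file. Any invalid file entry aborts the whole operation so that a
# damaged list is never applied partially.
# Returns: 0 when SOURCES is usable, 1 otherwise.
#######################################
load_sources() {
  local word bad=0
  local -a words
  SOURCES=()
  if [[ $src_mode != 4 ]]; then
    SOURCES=("$ip_source")
    return 0
  fi
  while read -r -a words || (( ${#words[@]} )); do
    for word in "${words[@]}"; do
      if valid_ipv4_net "$word"; then
        SOURCES+=("$word")
      else
        # %q keeps control characters from the file off the terminal.
        printf 'Invalid address in %q: %q\n' "$ip_source" "$word" >&2
        bad=1
      fi
    done
  done <"$ip_source"
  (( bad == 0 && ${#SOURCES[@]} > 0 ))
}

#######################################
# Assemble the match/target part of the rule for one source address.
# Arguments: $1 - source address
# Globals written: RULE_ARGS (array)
#######################################
build_rule_args() {
  RULE_ARGS=(-s "$1")
  if [[ $opt_int == 1 ]]; then
    # OUTPUT only knows an outgoing interface; iptables rejects -i there.
    if [[ $chain == "OUTPUT" ]]; then
      RULE_ARGS+=(-o "$interface")
    else
      RULE_ARGS+=(-i "$interface")
    fi
  else
    RULE_ARGS+=(-d "$ip_dest")
  fi
  if [[ -n $proto ]]; then
    RULE_ARGS+=(-p "$proto")
  fi
  if [[ -n $port ]]; then
    RULE_ARGS+=(--dport "$port")
  fi
  RULE_ARGS+=(-j "$rule")
}

#######################################
# Show the generated command(s), ask for confirmation, run them and save.
# Arguments: $1 - iptables action, -A (append) or -D (delete)
# The rules are saved only when every iptables call succeeded.
#######################################
apply_rules() {
  local action=$1 src failed=0

  if ! load_sources; then
    echo "No usable source address; nothing was changed."
    return 1
  fi

  for src in "${SOURCES[@]}"; do
    build_rule_args "$src"
    log_msg "$IPT $action $chain ${RULE_ARGS[*]}"
  done

  if ! confirm "\n\tDo you want to Enter and Save the Above rule to the IPTABLES? Yes=1 , No=2"; then
    return 0
  fi

  for src in "${SOURCES[@]}"; do
    build_rule_args "$src"
    if ! run_logged "$IPT" "$action" "$chain" "${RULE_ARGS[@]}"; then
      failed=1
    fi
  done

  if (( failed )); then
    log_msg "One or more iptables commands failed; the rules were NOT saved."
    return 1
  fi
  run_logged "${IPTSAVE[@]}"
}

############################### BUILD FIREWALL PROGRAM ###############################

buildfirewall() {
  collect_rule_spec || return 0
  echo -e "\n\tPress Enter key to Generate the Complete Rule!!!"
  read -r _ || exit 0
  echo -e "The Generated Rule is \n"
  apply_rules -A
  pause
}

############################## DELETE FIREWALL PROGRAM ###############################

#######################################
# Delete a rule typed (or pasted) by the operator. A leading iptables
# command word is dropped and the first -A/--append is turned into -D; the
# words are handed to iptables as separate arguments, never through a
# shell, and the input must contain an append or delete command.
#######################################
deleteonerule() {
  local pick i found=0
  local -a words
  echo -e "
 1. Delete one rule
 2. Go back to Main Menu"
  ask_choice pick 2
  [[ $pick == 1 ]] || return 0

  echo -e "\nPlease Eneter the Rule."
  read -r -a words || exit 0
  if [[ ${words[0]} == "$IPT" || ${words[0]} == "iptables" ]]; then
    words=("${words[@]:1}")
  fi
  for i in "${!words[@]}"; do
    case "${words[i]}" in
      -A | --append)
        words[i]="-D"
        found=1
        break
        ;;
      -D | --delete)
        found=1
        break
        ;;
    esac
  done
  if (( ! found )); then
    echo "The rule must contain -A or -D followed by the chain."
    return 0
  fi

  log_msg "${words[*]}"
  if confirm "Do you want to remove this rule, Yes=1 , No=2"; then
    run_logged "$IPT" "${words[@]}"
  fi
}

# Collect a rule specification and delete the matching rule(s).
delprogram() {
  collect_rule_spec || return 0
  echo -e "\n\tPress Enter key to Generate the Complete Rule!!!"
  read -r _ || exit 0
  echo -e "The Generated Rule is \n"
  apply_rules -D
}

delfirewall() {
  local choice
  echo -e "\t**********************|Delete your Iptable Menu|***************************\n
 1. Delete a Custum Rule
 2. Delete one Rule
 3. Back to Main Menu"
  ask choice
  case "$choice" in
    1) delprogram ;;
    2) deleteonerule ;;
    3) return 0 ;;
    *) echo -e "Wrong option Selected!!!" ;;
  esac
}

############################### MAIN MENU ###############################

# Report whether the iptables package is present.
check_package() {
  echo -e "******************************"
  if command -v rpm >/dev/null 2>&1; then
    rpm -q iptables
  else
    "$IPT" --version
  fi
  echo -e "******************************"
}

#######################################
# Top-level menu loop. Refuses to run without root privileges.
# Returns: 1 when not run as root; otherwise exits via menu option 6.
#######################################
main() {
  local choice
  if (( EUID != 0 )); then
    echo -e "You Must be the ROOT to Perfom this Task!!!" >&2
    return 1
  fi
  clear
  while :; do
    echo -e "************************************************************************"
    echo -e "\t**********************|Main Menu|***************************\n 1. Check Iptables Package\n 2. Iptables Services\n 3. Build Your Firewall with Iptables\n 4. Delete Your Firewall with Iptables\n 6. Exit"
    ask choice
    case "$choice" in
      1) check_package ;;
      2) checkstatus ;;
      3) buildfirewall ;;
      4) delfirewall ;;
      6) exit 0 ;;
      *) echo -e "Wrong option Selected!!!" ;;
    esac
  done
}

main || exit 1
exit 0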