
#!/bin/bash
#(c) Roy Cohen 23/11/2012 :roy@wondercohen.nl
#original script :http://www.howtoforge.com/bash-script-for-configuring-iptables-firewall
#objective :IPtables administering tool
#last update :29/11/2012
#version :0.2
# Parameters
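# Absolute path so the tool never picks up an iptables from a caller-controlled PATH.
readonly IPT="/sbin/iptables"
# Command plus its argument; it is expanded unquoted on purpose wherever it is run.
readonly IPTSAVE="/etc/init.d/iptables save"
# The original 'echo -e""' passed the literal word "-e" and only printed a blank line.
printf '\n'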
###############################IPTABLE SERVICES PROGRAM BEGINS HERE###############################
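#######################################
# Interactive "Iptables Services" sub-menu: save, show status, start, stop or
# restart the iptables init service, or flush every rule of the filter table.
# Globals:   IPT (read), IPTSAVE (read)
# Arguments: none; every choice is read from stdin
# Outputs:   menu text and the output of the service commands on stdout
# Returns:   0 once the user picks "Go back to Main Menu" (or stdin ends)
#######################################
function checkstatus()
{
  local -r svc="/etc/init.d/iptables"
  local opt_checkstatus="" temp confirm
  while [[ "$opt_checkstatus" != "7" ]]
  do
    clear
    echo -e "\n\t*****Note: Save your Iptables before stop/Restart the iptables Services*****\n"
    echo -e " 1. Save the iptables\n
2. Status of Iptables\n
3. Start iptables Services\n
4. Stop iptables Services\n
5. Restart iptable Services\n
6. Flush iptables (**Use Carefully_it will remove all the rules from iptables**)\n
7. Go back to Main Menu"
    # EOF on stdin leaves the menu instead of re-reading an empty answer forever.
    read -r opt_checkstatus || opt_checkstatus=7
    case "$opt_checkstatus" in
      1)
        echo -e "*******************************************************\n"
        # shellcheck disable=SC2086 -- IPTSAVE deliberately holds a command and its argument
        $IPTSAVE
        echo -e "\n*******************************************************\n"
        echo -e "Press Enter key to Continue..."
        read -r temp ;;
      2)
        echo -e "*******************************************************\n"
        "$svc" status
        echo -e "*******************************************************"
        echo -e "Press Enter key to Continue..."
        read -r temp ;;
      3)
        echo -e "*******************************************************\n"
        "$svc" start
        echo -e "*******************************************************\n"
        echo -e "Press Enter key to Continue..."
        read -r temp ;;
      4)
        echo -e "*******************************************************\n"
        "$svc" stop
        echo -e "*******************************************************\n"
        echo -e "Press Enter key to Continue..."
        read -r temp ;;
      5)
        echo -e "*******************************************************\n"
        "$svc" restart
        echo -e "*******************************************************\n"
        echo -e "Press Enter key to Continue..."
        read -r temp ;;
      6)
        # Flushing is destructive and cannot be undone without a saved rule set;
        # with a DROP policy on INPUT it can also cut off the remote session.
        # Ask once more before touching the kernel.
        echo -e "*******************************************************"
        echo -e "This removes EVERY rule from the filter table. Continue? Yes=1 , No=2"
        read -r confirm
        if [[ "$confirm" == "1" ]]; then
          "$IPT" -F
          echo -e "All the Rules from the Iptables are Flushed!!!"
        else
          echo -e "Flush cancelled, no rule was touched."
        fi
        echo -e "*******************************************************\n"
        echo -e "Press Enter key to Continue..."
        read -r temp ;;
      7)
        # Return to the caller's menu loop. Calling main() here (as before) nested a
        # second main menu inside the 'checkstatus | tee' subshell, so "Exit" there
        # only ended the subshell and the outer menu came back.
        return 0 ;;
      *)
        echo -e "Wrong Option Selected!!!"
        # Pause so the message is readable before the loop clears the screen.
        read -r temp ;;
    esac
  done
  return 0
}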
###############################BUILD FIREWALL PROGRAM BEGINS FROM HERE###############################
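#######################################
# Prints a menu and reads one answer from stdin, re-prompting until the answer
# is one of the accepted values.
# Arguments: $1 - name of the (global) variable that receives the answer
#            $2 - menu text, printed with 'echo -e' like the rest of the tool
#            $3.. - accepted answers
# Returns:   0 with the variable set; 1 when stdin is exhausted
#######################################
_bf_choose() {
  local __var=$1 __menu=$2 __ans __ok
  shift 2
  while :; do
    echo -e "$__menu"
    read -r __ans || return 1
    for __ok in "$@"; do
      if [[ "$__ans" == "$__ok" ]]; then
        printf -v "$__var" '%s' "$__ans"
        return 0
      fi
    done
    echo -e "Wrong Option Selected!!!"
  done
}

#######################################
# Prints a prompt and reads a free-form, non-empty value from stdin.
# Arguments: $1 - name of the (global) variable that receives the value
#            $2 - prompt text
# Returns:   0 with the variable set; 1 on empty input or end of stdin
#######################################
_bf_prompt() {
  local __val
  echo -e "$2"
  read -r __val || return 1
  if [[ -z "$__val" ]]; then
    echo -e "Nothing entered; returning to the Main Menu."
    return 1
  fi
  printf -v "$1" '%s' "$__val"
}

#######################################
# Asks the question sequence of the original wizard (chain, source, interface
# or destination, protocol, destination port, target).
# Globals:   writes chain, opt_ip_srource, ip_source, opt_int, interface,
#            opt_ip_dest, ip_dest, proto_ch, proto, port_ch, port, rule_ch, rule
#            (kept global, as the original did)
# Returns:   0 when every answer was collected; 1 when the user chose
#            "Go back to Main Menu", entered nothing, or picked a port without
#            a protocol (iptables cannot match --dport without -p)
#######################################
_bf_collect() {
  clear
  _bf_choose opt_ch "Using Which Chain of Filter Table?\n
1. INPUT
2. OUTPUT
3. Forward
4. Go back to Main Menu" 1 2 3 4 || return 1
  case "$opt_ch" in
    1) chain="INPUT" ;;
    2) chain="OUTPUT" ;;
    3) chain="FORWARD" ;;
    4) return 1 ;;
  esac

  _bf_choose opt_ip_srource "Please the Source IP Address\n
1. Firewall using Single Source IP
2. Firewall using Source Subnet
3. Firewall using for All Source Networks
4. Firewall choose a source file containing ip addesses
5. Go back to Main Menu" 1 2 3 4 5 || return 1
  case "$opt_ip_srource" in
    1) _bf_prompt ip_source "\nPlease Enter the IP Address of the Source" || return 1 ;;
    2) _bf_prompt ip_source "\nPlease Enter the Source Subnet (e.g 192.168.10.0/24)" || return 1 ;;
    3) ip_source="0/0" ;;
    4) _bf_prompt ip_source "\nPlease Enter the file name." || return 1 ;;
    5) return 1 ;;
  esac

  _bf_choose opt_int " \nDo you want to Configure a Network Interface or a Destination Networks?\n
1. Configure a Network Interface
2. Configure a Destination Networks Only
3. Go back to Main Menu" 1 2 3 || return 1
  case "$opt_int" in
    1) _bf_prompt interface "\nPlease Enter a Network Interface." || return 1 ;;
    2)
      interface="NULL"
      _bf_choose opt_ip_dest "Please Enter the IP Address of the Destination\n
1. Firewall using Single Destination IP
2. Firewall using Destination Subnet
3. Firewall using for All Destination Networks
4. Go back to Main Menu" 1 2 3 4 || return 1
      case "$opt_ip_dest" in
        1) _bf_prompt ip_dest "\nPlease Enter the IP Address of the Destination" || return 1 ;;
        2) _bf_prompt ip_dest "\nPlease Enter the Destination Subnet (e.g 192.168.10.0/24)" || return 1 ;;
        3) ip_dest="0/0" ;;
        4) return 1 ;;
      esac ;;
    3) return 1 ;;
  esac

  # The protocol/port/target questions were duplicated in both branches above;
  # they are identical, so they are asked once here.
  _bf_choose proto_ch "
1. All Traffic of TCP
2. Specific TCP Service
3. Not using a specific Protocol
4. Go back to Main Menu" 1 2 3 4 || return 1
  case "$proto_ch" in
    1) proto=tcp ;;
    2) _bf_prompt proto "Enter the TCP Service Name:" || return 1 ;;
    3) proto="NULL" ;;
    4) return 1 ;;
  esac

  _bf_choose port_ch "\nConfigure the Destination Port\n
1. Specific Destination Port
2. No Destination Port
3. Go back to Main Menu" 1 2 3 || return 1
  case "$port_ch" in
    1) _bf_prompt port "Enter the Destination Port:" || return 1 ;;
    2) port="NULL" ;;   # the original assigned the misspelled 'prot' and left a stale port
    3) return 1 ;;
  esac
  if [[ "$port_ch" == "1" && "$proto" == "NULL" ]]; then
    # Silently dropping the port would widen the rule to all traffic; refuse instead.
    echo -e "A destination port can only be matched together with a protocol; no rule was generated."
    return 1
  fi

  _bf_choose rule_ch "\nWhat to do with Rule?
1. Accept the Packet
2. Reject the Packet
3. Drop the Packet
4. Create Log
5. Go back to Main Menu" 1 2 3 4 5 || return 1
  case "$rule_ch" in
    1) rule="ACCEPT" ;;
    2) rule="REJECT" ;;
    3) rule="DROP" ;;
    4) rule="LOG" ;;
    5) return 1 ;;
  esac
  return 0
}

#######################################
# Fills the global array 'sources' with every source address the rule applies
# to: the single address/subnet that was entered (options 1-3), or each
# whitespace-separated token of the file named with option 4 (blank lines and
# '#' comments are skipped). The original tried to 'cat 0/0' for option 3.
# Globals:   reads opt_ip_srource, ip_source; writes sources
# Returns:   0 with at least one source; 1 when the file is unreadable or empty
#######################################
_bf_sources() {
  sources=()
  if [[ "$opt_ip_srource" != "4" ]]; then
    sources=("$ip_source")
    return 0
  fi
  if [[ ! -r "$ip_source" ]]; then
    echo -e "Cannot read the file '$ip_source'."
    return 1
  fi
  local line
  local -a words
  while IFS= read -r line || [[ -n "$line" ]]; do
    line=${line%%#*}
    read -r -a words <<<"$line"
    if (( ${#words[@]} > 0 )); then
      sources+=("${words[@]}")
    fi
  done < "$ip_source"
  if (( ${#sources[@]} == 0 )); then
    echo -e "The file '$ip_source' contains no addresses."
    return 1
  fi
  return 0
}

#######################################
# Fills the global array 'rule_args' with the iptables arguments for one source.
# Building an array (instead of a string echoed once and retyped eight times)
# keeps the printed rule and the executed rule identical and never emits
# --dport without -p, which the original did for the "no protocol" branches.
# Arguments: $1 - source address or subnet
# Globals:   reads chain, opt_int, interface, ip_dest, proto, port_ch, port, rule
#######################################
_bf_rule_args() {
  rule_args=(-A "$chain" -s "$1")
  if [[ "$opt_int" == "1" ]]; then
    rule_args+=(-i "$interface")
  else
    rule_args+=(-d "$ip_dest")
  fi
  if [[ "$proto" != "NULL" ]]; then
    rule_args+=(-p "$proto")
  fi
  if [[ "$port_ch" == "1" ]]; then
    rule_args+=(--dport "$port")
  fi
  rule_args+=(-j "$rule")
}

#######################################
# "Build Your Firewall" menu entry: collects the rule interactively, shows the
# exact iptables command line(s), and on confirmation appends them and saves
# the rule set. Both the shown and the executed commands are appended to
# IpTab_<timestamp>.log in the current directory.
# Globals:   IPT (read), IPTSAVE (read); see _bf_collect for the written ones
# Arguments: none; all input is read from stdin
# Returns:   0 in every case; the caller's menu loop continues (the original
#            re-entered main() recursively instead)
#######################################
function buildfirewall()
{
  local logfile temp yesno src failed=0
  logfile="IpTab_$(date +%Y%m%d%H%M).log"
  if ! _bf_collect; then
    return 0
  fi
  if ! _bf_sources; then
    echo -e "Press Enter key to Continue..."
    read -r temp
    return 0
  fi
  echo -e "\n\tPress Enter key to Generate the Complete Rule!!!"
  read -r temp
  echo -e "The Generated Rule is \n"
  for src in "${sources[@]}"; do
    _bf_rule_args "$src"
    printf '%s %s\n' "$IPT" "${rule_args[*]}"
  done | tee -a "$logfile"
  echo -e "\n\tDo you want to Enter and Save the Above rule to the IPTABLES? Yes=1 , No=2"
  read -r yesno
  if [[ "$yesno" != "1" ]]; then
    return 0
  fi
  for src in "${sources[@]}"; do
    _bf_rule_args "$src"
    "$IPT" "${rule_args[@]}" 2>&1 | tee -a "$logfile"
    # tee's status would hide an iptables failure; look at the first stage.
    if (( PIPESTATUS[0] != 0 )); then
      failed=$((failed + 1))
    fi
  done
  if (( failed > 0 )); then
    echo -e "$failed rule(s) were rejected by iptables (see $logfile)."
  fi
  # shellcheck disable=SC2086 -- IPTSAVE deliberately holds a command and its argument
  $IPTSAVE
  echo -e "Press Enter key to Continue..."
  read -r temp
  return 0
}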
##############################DELETE FIREWALL PROGRAM BEGINS FROM HERE###############################
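#######################################
# Prints a menu and reads one answer from stdin, re-prompting until the answer
# is one of the accepted values.
# Arguments: $1 - name of the (global) variable that receives the answer
#            $2 - menu text, printed with 'echo -e' like the rest of the tool
#            $3.. - accepted answers
# Returns:   0 with the variable set; 1 when stdin is exhausted
#######################################
_df_choose() {
  local __var=$1 __menu=$2 __ans __ok
  shift 2
  while :; do
    echo -e "$__menu"
    read -r __ans || return 1
    for __ok in "$@"; do
      if [[ "$__ans" == "$__ok" ]]; then
        printf -v "$__var" '%s' "$__ans"
        return 0
      fi
    done
    echo -e "Wrong Option Selected!!!"
  done
}

#######################################
# Prints a prompt and reads a free-form, non-empty value from stdin.
# Arguments: $1 - name of the (global) variable that receives the value
#            $2 - prompt text
# Returns:   0 with the variable set; 1 on empty input or end of stdin
#######################################
_df_prompt() {
  local __val
  echo -e "$2"
  read -r __val || return 1
  if [[ -z "$__val" ]]; then
    echo -e "Nothing entered; returning to the Main Menu."
    return 1
  fi
  printf -v "$1" '%s' "$__val"
}

#######################################
# Asks the same question sequence as the build wizard so the rule to delete can
# be reconstructed exactly (chain, source, interface or destination, protocol,
# destination port, target).
# Globals:   writes chain, opt_ip_srource, ip_source, opt_int, interface,
#            opt_ip_dest, ip_dest, proto_ch, proto, port_ch, port, rule_ch, rule
# Returns:   0 when every answer was collected; 1 when the user chose
#            "Go back to Main Menu", entered nothing, or picked a port without
#            a protocol (iptables cannot match --dport without -p)
#######################################
_df_collect() {
  clear
  _df_choose opt_ch "Using Which Chain of Filter Table?\n
1. INPUT
2. OUTPUT
3. Forward
4. Go back to Main Menu" 1 2 3 4 || return 1
  case "$opt_ch" in
    1) chain="INPUT" ;;
    2) chain="OUTPUT" ;;
    3) chain="FORWARD" ;;
    4) return 1 ;;
  esac

  _df_choose opt_ip_srource "
1. Firewall using Single Source IP
2. Firewall using Source Subnet
3. Firewall using for All Source Networks
4. Firewall choose a source file containing ip addesses
5. Go back to Main Menu" 1 2 3 4 5 || return 1
  case "$opt_ip_srource" in
    1) _df_prompt ip_source "\nPlease Enter the IP Address of the Source" || return 1 ;;
    2) _df_prompt ip_source "\nPlease Enter the Source Subnet (e.g 192.168.10.0/24)" || return 1 ;;
    3) ip_source="0/0" ;;
    4) _df_prompt ip_source "\nPlease Enter the file name." || return 1 ;;
    5) return 1 ;;
  esac

  _df_choose opt_int " \nDo you want to Configure a Network Interface or a Destination Networks?\n
1. Configure a Network Interface
2. Configure a Destination Networks Only
3. Go back to Main Menu" 1 2 3 || return 1
  case "$opt_int" in
    1) _df_prompt interface "\nPlease Enter a Network Interface." || return 1 ;;
    2)
      interface="NULL"
      _df_choose opt_ip_dest "Please Enter the IP Address of the Destination\n
1. Firewall using Single Destination IP
2. Firewall using Destination Subnet
3. Firewall using for All Destination Networks
4. Go back to Main Menu" 1 2 3 4 || return 1
      case "$opt_ip_dest" in
        1) _df_prompt ip_dest "\nPlease Enter the IP Address of the Destination" || return 1 ;;
        2) _df_prompt ip_dest "\nPlease Enter the Destination Subnet (e.g 192.168.10.0/24)" || return 1 ;;
        3) ip_dest="0/0" ;;
        4) return 1 ;;
      esac ;;
    3) return 1 ;;
  esac

  # Protocol/port/target were duplicated in both branches above; asked once here.
  _df_choose proto_ch "
1. All Traffic of TCP
2. Specific TCP Service
3. Not using a specific Protocol
4. Go back to Main Menu" 1 2 3 4 || return 1
  case "$proto_ch" in
    1) proto=tcp ;;
    2) _df_prompt proto "Enter the TCP Service Name:" || return 1 ;;
    3) proto="NULL" ;;
    4) return 1 ;;
  esac

  _df_choose port_ch "\nConfigure the Destination Port\n
1. Specific Destination Port
2. No Destination Port
3. Go back to Main Menu" 1 2 3 || return 1
  case "$port_ch" in
    1) _df_prompt port "Enter the Destination Port:" || return 1 ;;
    2) port="NULL" ;;   # the original assigned the misspelled 'prot'
    3) return 1 ;;
  esac
  if [[ "$port_ch" == "1" && "$proto" == "NULL" ]]; then
    echo -e "A destination port can only be matched together with a protocol; no rule was generated."
    return 1
  fi

  _df_choose rule_ch "\nWhat to do with Rule?
1. Accept the Packet
2. Reject the Packet
3. Drop the Packet
4. Create Log
5. Go back to Main Menu" 1 2 3 4 5 || return 1
  case "$rule_ch" in
    1) rule="ACCEPT" ;;
    2) rule="REJECT" ;;
    3) rule="DROP" ;;
    4) rule="LOG" ;;
    5) return 1 ;;
  esac
  return 0
}

#######################################
# Fills the global array 'sources': the single address/subnet entered
# (options 1-3) or each whitespace-separated token of the file named with
# option 4 (blank lines and '#' comments skipped). The original ran 'cat 0/0'
# for option 3.
# Globals:   reads opt_ip_srource, ip_source; writes sources
# Returns:   0 with at least one source; 1 when the file is unreadable or empty
#######################################
_df_sources() {
  sources=()
  if [[ "$opt_ip_srource" != "4" ]]; then
    sources=("$ip_source")
    return 0
  fi
  if [[ ! -r "$ip_source" ]]; then
    echo -e "Cannot read the file '$ip_source'."
    return 1
  fi
  local line
  local -a words
  while IFS= read -r line || [[ -n "$line" ]]; do
    line=${line%%#*}
    read -r -a words <<<"$line"
    if (( ${#words[@]} > 0 )); then
      sources+=("${words[@]}")
    fi
  done < "$ip_source"
  if (( ${#sources[@]} == 0 )); then
    echo -e "The file '$ip_source' contains no addresses."
    return 1
  fi
  return 0
}

#######################################
# Fills the global array 'rule_args' with the iptables delete arguments for one
# source, so the printed and the executed command are the same and --dport is
# never emitted without -p.
# Arguments: $1 - source address or subnet
# Globals:   reads chain, opt_int, interface, ip_dest, proto, port_ch, port, rule
#######################################
_df_rule_args() {
  rule_args=(-D "$chain" -s "$1")
  if [[ "$opt_int" == "1" ]]; then
    rule_args+=(-i "$interface")
  else
    rule_args+=(-d "$ip_dest")
  fi
  if [[ "$proto" != "NULL" ]]; then
    rule_args+=(-p "$proto")
  fi
  if [[ "$port_ch" == "1" ]]; then
    rule_args+=(--dport "$port")
  fi
  rule_args+=(-j "$rule")
}

#######################################
# "Delete a Custum Rule": rebuilds the rule through the wizard, shows the
# delete command(s), and on confirmation runs them and saves the rule set.
# Arguments: $1 - log file that receives the shown and executed commands
# Globals:   IPT (read), IPTSAVE (read)
# Returns:   0 always
#######################################
_df_delete_custom() {
  local logfile=$1 temp yesno src failed=0
  if ! _df_collect; then
    return 0
  fi
  if ! _df_sources; then
    echo -e "Press Enter key to Continue..."
    read -r temp
    return 0
  fi
  echo -e "\n\tPress Enter key to Generate the Complete Rule!!!"
  read -r temp
  echo -e "The Generated Rule is \n"
  for src in "${sources[@]}"; do
    _df_rule_args "$src"
    printf '%s %s\n' "$IPT" "${rule_args[*]}"
  done | tee -a "$logfile"
  echo -e "\n\tDo you want to Enter and Save the Above rule to the IPTABLES? Yes=1 , No=2"
  read -r yesno
  if [[ "$yesno" != "1" ]]; then
    return 0
  fi
  for src in "${sources[@]}"; do
    _df_rule_args "$src"
    "$IPT" "${rule_args[@]}" 2>&1 | tee -a "$logfile"
    # tee's status would hide an iptables failure; look at the first stage.
    if (( PIPESTATUS[0] != 0 )); then
      failed=$((failed + 1))
    fi
  done
  if (( failed > 0 )); then
    echo -e "$failed rule(s) could not be deleted (see $logfile)."
  fi
  # shellcheck disable=SC2086 -- IPTSAVE deliberately holds a command and its argument
  $IPTSAVE
  return 0
}

#######################################
# "Delete one Rule": the user pastes a rule (as printed by the build wizard),
# the -A is turned into -D and the rule is deleted after confirmation.
# The original replaced "-A" with sed anywhere in the text, so an argument
# containing "-A" (e.g. a comment or interface name) was altered too; here only
# a whole "-A" token is replaced, and a leading iptables path is dropped so a
# complete pasted command line works as well.
# Globals:   IPT (read)
# Returns:   0 always
#######################################
_df_delete_one() {
  local opt_delete_one_rule one_rule yesno i
  local -a words=()
  _df_choose opt_delete_one_rule "
1. Delete one rule
2. Go back to Main Menu" 1 2 || return 0
  if [[ "$opt_delete_one_rule" == "2" ]]; then
    return 0
  fi
  _df_prompt one_rule "\nPlease Eneter the Rule." || return 0
  read -r -a words <<<"$one_rule"
  if [[ "${words[0]}" == "$IPT" || "${words[0]}" == "iptables" ]]; then
    words=("${words[@]:1}")
  fi
  for i in "${!words[@]}"; do
    if [[ "${words[$i]}" == "-A" ]]; then
      words[$i]="-D"
    fi
  done
  printf '%s %s\n' "$IPT" "${words[*]}"
  echo "Do you want to remove this rule, Yes=1 , No=2"
  read -r yesno
  if [[ "$yesno" == "1" ]]; then
    "$IPT" "${words[@]}"
  fi
  return 0
}

#######################################
# "Delete Your Firewall" menu entry.
# Globals:   IPT (read), IPTSAVE (read)
# Arguments: none; all input is read from stdin
# Outputs:   menu text; deletions are appended to IpTab_<timestamp>.log in the
#            current directory
# Returns:   0 in every case; the caller's menu loop continues (the original
#            re-entered main() recursively instead)
#######################################
function delfirewall()
{
  local logfile opt_delfirewall
  logfile="IpTab_$(date +%Y%m%d%H%M).log"
  _df_choose opt_delfirewall "\t**********************|Delete your Iptable Menu|***************************\n
1. Delete a Custum Rule
2. Delete one Rule
3. Back to Main Menu" 1 2 3 || return 0
  case "$opt_delfirewall" in
    1) _df_delete_custom "$logfile" ;;
    2) _df_delete_one 2>&1 | tee -a "$logfile" ;;
    3) return 0 ;;
  esac
  return 0
}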
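#######################################
# Top-level menu. Refuses to run for anyone but root, because every action
# edits the kernel firewall, then loops until option 6 (Exit) is chosen.
# Globals:   UID (read)
# Arguments: none; choices are read from stdin
# Returns:   1 when not run as root; otherwise exits the process via option 6
#            or returns 0 when stdin ends
#######################################
function main()
{
  local -r root_uid=0
  local opt_main="" logfile
  if [[ "$UID" != "$root_uid" ]]; then
    echo -e "You Must be the ROOT to Perfom this Task!!!"
    return 1
  fi
  clear
  while [[ "$opt_main" != "6" ]]
  do
    echo -e "************************************************************************"
    #############Check Whether the iptables installed or not############
    echo -e "\t**********************|Main Menu|***************************\n
1. Check Iptables Package\n
2. Iptables Services\n
3. Build Your Firewall with Iptables\n
4. Delete Your Firewall with Iptables\n
5. EDSN script\n
6. Exit"
    # An unquoted empty answer used to make the '[' test fail and silently end the
    # loop; EOF on stdin now maps to Exit explicitly.
    read -r opt_main || opt_main=6
    logfile="IpTab_$(date +%Y%m%d%H%M).log"
    case "$opt_main" in
      1)
        echo -e "******************************"
        rpm -q iptables   # RPM-based systems only, as in the original
        echo -e "******************************" ;;
      2) checkstatus 2>&1 | tee -a "$logfile" ;;
      3) buildfirewall ;;
      4) delfirewall ;;
      # NOTE(review): resolved relative to the current directory, not the script's
      # location; run the tool from its own directory or adjust the path.
      5) sh setIptables_config2.sh 2>&1 | tee -a "$logfile" ;;
      6) exit 0 ;;
      *) echo -e "Wrong option Selected!!!" ;;
    esac
  done
  return 0
}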
# Entry point: main returns only when the user is not root or its menu loop
# ends; option 6 calls 'exit 0' from inside main.
main
# The script always reports success, whatever main did.
exit 0