70 lines
3.0 KiB
Bash
70 lines
3.0 KiB
Bash
$opt_int $proto_ch $port_ch
|
|
if [ $opt_int == 1 ] && [ $proto_ch == 1 ] && [ $port_ch == 1 ]; then
|
|
1 1 1 -A $chain -s $ip_source -i $interface -p tcp --dport $port -j $rule_ch
|
|
elif [ $opt_int == 1 ] && [ $proto_ch == 2 ] && [ $port_ch == 1 ]; then
|
|
1 2 1 -A $chain -s $ip_source -i $interface -p $proto --dport $port -j $rule_ch
|
|
elif [ $opt_int == 1 ] && [ $proto_ch == 3 ] && [ $port_ch == 2 ]; then
|
|
1 3 2 -A $chain -s $ip_source -i $interface --dport $port -j $rule_ch
|
|
elif [ $opt_int == 1 ] && [ $proto_ch == 1 ] && [ $port_ch == 2 ]; then
|
|
1 1 2 -A $chain -s $ip_source -i $interface -p tcp --dport $port -j $rule_ch
|
|
elif [ $opt_int == 2 ] && [ $proto_ch == 1 ] && [ $port_ch == 1 ]; then
|
|
2 1 1 -A $chain -s $ip_source -d $ip_dest -p tcp --dport $port -j $rule_ch
|
|
elif [ $opt_int == 2 ] && [ $proto_ch == 2 ] && [ $port_ch == 1 ]; then
|
|
2 2 1 -A $chain -s $ip_source -d $ip_dest -p $proto --dport $port -j $rule_ch
|
|
elif [ $opt_int == 2 ] && [ $proto_ch == 3 ] && [ $port_ch == 2 ]; then
|
|
2 3 2 -A $chain -s $ip_source -d $ip_dest --dport $port -j $rule_ch
|
|
elif [ $opt_int == 2 ] && [ $proto_ch == 1 ] && [ $port_ch == 2 ]; then
|
|
2 1 2 -A $chain -s $ip_source -d $ip_dest -p tcp --dport $port -j $rule_ch
|
|
fi
|
|
|
|
|
|
-A $chain -s $ip_source -i $interface -p $proto --dport $port -j $rule_ch ($opt_int = 1 $proto_ch=2 $port_ch=2)
|
|
-A $chain -s $ip_source -i $interface --dport 443 -j $rule_ch ($opt_int = 1 $proto_ch=3 NO PROTOC)
|
|
-A $chain -s $ip_source -d $ip_dest -p $proto --dport $port -j $rule_ch ($opt_int = 2 $proto_ch=2)
|
|
-A $chain -s $ip_source -d $ip_dest --dport 443 -j $rule_ch ($opt_int = 2 $proto_ch=3 NO PROTOC)
|
|
|
|
|
|
RULE="-A$chain$ipdetails$ip_dest$proto$port$rule"
|
|
for FILE in $(cat /etc/sysconfig/iptables |awk '{print $1$2$4$6$12$14}'|grep "^-")
|
|
do
|
|
if [ "$RULE" == "$FILE" ] ; then
|
|
echo "this Rule -D $chain -s $ip_source -i $interface -p $proto --dport $port -j $rule exsists"
|
|
read temp
|
|
|
|
-A INPUT -s 11.11.11.11 -d 22.22.22.22 -p tcp -m tcp --dport 443 -j ACCEPT
|
|
-A INPUT -s 11.11.11.11 -d 22.22.22.22 -p tcp --dport 443 -j ACCEPT
|
|
|
|
|
|
awk '{print $1$2$3$4$5$6$7$8$9$10$11$12$13$14$15}'
|
|
for FILE in $(cat /etc/sysconfig/iptables |awk '{print $1$2$4$6$8$12$14}'|grep "^-")
|
|
do
|
|
RULE="-A$chain$ipdetails$interface$ip_dest$proto$port$rule"
|
|
if [ "$RULE" == "$FILE" ] ; then
|
|
echo -e "This Rule \"-D $chain -s $ip_source -i $interface -p $proto --dport $port\" -j $rule exsists"
|
|
echo -e "\nGo Back to Build Your Firewall program Or to Main Menu\n
|
|
1. Back to Build Your Firewall with Iptables
|
|
2. Go back to Main Menu"
|
|
read back_to
|
|
case $back_to in
|
|
1) buildfirewall;;
|
|
2) main;;
|
|
*) echo -e "Wrong option Selected!!!"
|
|
esac
|
|
|
|
|
|
|
|
|
|
for duplicate_iptables in `(cat /etc/sysconfig/iptables | sort | uniq | grep "^-")`
|
|
do
|
|
echo "iptables $duplicate_iptables"
|
|
done
|
|
|
|
while read -r duplicate_iptables
|
|
do
|
|
iptables $duplicate_iptables
|
|
done < /etc/sysconfig/iptables | grep "^-"
|
|
|
|
cat /etc/sysconfig/iptables | xargs -n1 -i{} grep '^{}$' ngfilelist.txt
|
|
|
|
|
|
|