iptables-rules-generator.sh

Nombre: iptables-rule-generator.sh
Autor: Ricardo del Castillo @WizardIP
Descripción: Generador básico de reglas de iptables por puerto, interfaz, dirección IP o segmento, para añadirlas al archivo generado por el comando iptables-save.
#!/bin/bash 

#@WizardIP

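# Interactive generator of rule lines in iptables-save format.
#
# Usage:   <script> P|I|A|S
#   P  allow one TCP port for one IPv4 address
#   I  allow TCP for one IPv4 address on one interface
#   A  allow everything to/from one IPv4 address (full access)
#   S  allow everything for the /24 of an address on one interface
#
# Outputs: the generated "-A ..." lines go to stdout and nothing else does,
#          so stdout can be redirected or appended to a rules file directly.
#          Prompts, status text and errors go to stderr.
# Returns: 0 when rules were printed, 1 on a missing/unknown option or on
#          input that fails validation.
#
# Every value typed by the operator is copied into a firewall rule, so each
# one is checked against a strict pattern first: a value containing spaces
# or extra options would otherwise change the meaning of the generated rule.
# The output is only text; review it (for example with
# `iptables-restore --test`) before loading it.

# One IPv4 octet without leading zeros. Leading zeros are rejected because
# some address parsers read them as octal, which would make the rule match a
# different address than the one the operator typed.
readonly OCTET_RE='(0|[1-9][0-9]{0,2})'
readonly IPV4_RE="^${OCTET_RE}\\.${OCTET_RE}\\.${OCTET_RE}\\.${OCTET_RE}\$"
# TCP port: decimal, no sign, no leading zero; range is checked separately.
readonly PORT_RE='^[1-9][0-9]{0,4}$'
# Interface name: at most 15 characters, no whitespace or slash, must not
# start with '-'. A '+' is allowed because iptables uses it as a wildcard.
readonly IFACE_RE='^[A-Za-z0-9][A-Za-z0-9_.:+-]{0,14}$'

# Print an error message to stderr and stop with status 1.
die() {
  printf '%s\n' "$*" >&2
  exit 1
}

# Print the option summary, including the letter expected as $1.
usage() {
  {
    printf 'Usage : %s [ OPTION  ]\n' "$0"
    printf '%s\n' \
      "Options are:" \
      "  P  by Port" \
      "  I  by Interface" \
      "  A  by Address (Full Access)" \
      "  S  by Segment"
  } >&2
}

# Succeed only for a dotted-quad IPv4 address whose octets are all 0-255.
valid_ipv4() {
  local octet
  [[ $1 =~ $IPV4_RE ]] || return 1
  for octet in "${BASH_REMATCH[@]:1}"; do
    (( octet <= 255 )) || return 1
  done
  return 0
}

# Succeed only for a TCP port in the range 1-65535.
valid_port() {
  [[ $1 =~ $PORT_RE ]] || return 1
  (( $1 <= 65535 ))
}

# Succeed only for a plausible network interface name.
valid_iface() {
  [[ $1 =~ $IFACE_RE ]]
}

# Prompt for an IPv4 address and store it in the global `ip`.
read_ip() {
  printf '%s\n' "Give me the IP" >&2
  read -r ip || true   # on EOF ip stays empty and the check below rejects it
  valid_ipv4 "$ip" \
    || die "Invalid IP: use a dotted-quad IPv4 address (octets 0-255, no leading zeros)"
}

# Prompt for a TCP port and store it in the global `port`.
read_port() {
  printf '%s\n' "Give me the Port" >&2
  read -r port || true
  valid_port "$port" || die "Invalid port: use a number from 1 to 65535"
}

# Prompt for an interface name and store it in the global `iface`.
read_iface() {
  printf '%s\n' "Give me the Interface" >&2
  read -r iface || true
  valid_iface "$iface" \
    || die "Invalid interface: use up to 15 characters from letters, digits and _ . : + -"
}

# Tell the operator what to do with the lines that follow.
announce() {
  printf '%s\n' \
    "Generating rules...Please append it in the config file /etc/iptables.rules.date" >&2
  sleep 3
}

if [[ $# -lt 1 ]]; then
  usage
  exit 1
fi

case "$1" in
  P)
    read_ip
    read_port
    announce
    printf '%s\n' \
      "-A INPUT -s ${ip}/32 -p tcp -m tcp --dport ${port} -j ACCEPT" \
      "-A OUTPUT -d ${ip}/32 -p tcp -m tcp --sport ${port} -j ACCEPT"
    ;;

  I)
    read_iface
    read_ip
    announce
    printf '%s\n' \
      "-A INPUT -i ${iface} -p tcp -s ${ip}/32 -j ACCEPT" \
      "-A OUTPUT -o ${iface} -p tcp -d ${ip}/32 -j ACCEPT"
    ;;

  A)
    # Full access: no protocol, port or interface restriction for this host.
    read_ip
    announce
    printf '%s\n' \
      "-A INPUT -s ${ip} -j ACCEPT" \
      "-A OUTPUT -d ${ip} -j ACCEPT"
    ;;

  S)
    # The /24 mask is applied to whatever address was entered, so any host
    # address inside the segment selects the whole segment.
    read_ip
    read_iface
    announce
    printf '%s\n' \
      "-A INPUT -i ${iface} -s ${ip}/24 -j ACCEPT" \
      "-A OUTPUT -o ${iface} -d ${ip}/24 -j ACCEPT"
    ;;

  *)
    printf '%s\n' "Invalid option" >&2
    usage
    exit 1
    ;;
esac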
