2021-09-09 23:52:46 +03:00
|
|
|
#!/bin/bash -e
|
2021-02-07 13:45:36 +02:00
|
|
|
|
|
|
|
|
# root check
|
|
|
|
|
if [[ "$UID" -ne 0 ]]; then
|
|
|
|
|
echo "This script needs root permissions."
|
|
|
|
|
exit 1
|
|
|
|
|
fi
|
|
|
|
|
|
2021-09-09 23:52:46 +03:00
|
|
|
RULES_FILE='/etc/jfw/jfw.rules'
|
|
|
|
|
|
2021-02-07 13:45:36 +02:00
|
|
|
# Make /etc/jfw directory with "rules" file
|
|
|
|
|
# (which is really the iptables script)
|
2021-09-09 23:52:46 +03:00
|
|
|
if [[ -f $RULES_FILE ]]; then
|
2021-02-07 13:45:36 +02:00
|
|
|
echo "Found existing jfw configuration, do you wish to overwrite (y/n)?"
|
|
|
|
|
read -n 1
|
|
|
|
|
if [[ "$REPLY" == "y" ]];then
|
2021-09-09 23:52:46 +03:00
|
|
|
echo "Overwriting '$RULES_FILE'"
|
2021-02-07 13:45:36 +02:00
|
|
|
cp jfw.rules /etc/jfw/
|
|
|
|
|
chmod -R 700 /etc/jfw
|
|
|
|
|
else
|
2021-09-09 23:52:46 +03:00
|
|
|
echo "Not overwriting '$RULES_FILE' ."
|
2021-02-07 13:45:36 +02:00
|
|
|
fi
|
|
|
|
|
else
|
|
|
|
|
mkdir -p /etc/jfw
|
|
|
|
|
cp jfw.rules /etc/jfw/
|
|
|
|
|
chmod -R 700 /etc/jfw
|
|
|
|
|
fi
|
|
|
|
|
|
2021-09-09 23:52:46 +03:00
|
|
|
# Copy executable in place:
|
|
|
|
|
cp jfw /usr/local/sbin/jfw
|
|
|
|
|
chown root:wheel /usr/local/sbin/jfw
|
|
|
|
|
chmod 750 /usr/local/sbin/jfw
|
2021-02-07 13:45:36 +02:00
|
|
|
|
|
|
|
|
# Install systemd service file,
|
|
|
|
|
cp jfw.service /etc/systemd/system
|
|
|
|
|
systemctl daemon-reload
|
|
|
|
|
|
|
|
|
|
echo "SSH port (22) is opened by default with JFW."
|
|
|
|
|
read -p "Enable & start JFW now (yes/no)? "
|
|
|
|
|
|
|
|
|
|
if [[ "$REPLY" == "yes" ]]; then
|
|
|
|
|
systemctl enable --now jfw
|
|
|
|
|
else
|
|
|
|
|
echo "You can edit the iptables rules to your liking by editing"
|
2021-09-09 23:52:46 +03:00
|
|
|
echo "'$RULES_FILE'. Afterwards you can use systemct to start"
|
2021-02-07 13:45:36 +02:00
|
|
|
echo "and/or enable the firewall."
|
|
|
|
|
fi
|
