.SH automatic script

• Stav: Closed
• Odměna: $20
• Přijatých návrhů: 3
• Vítěz: AhmedSaberfl

Winner

Instrukce k soutěži

Hi,

I need to create a .SH that will do this :

Create a file : /etc/csf/csfpre.sh file consisting of below contents

#!/bin/bash
/sbin/iptables -A INPUT -i eth0 -p tcp --dport 22 --source cache.ovh.net -j ACCEPT
/sbin/iptables -A INPUT -i eth0 -p icmp --source proxy.ovh.net -j ACCEPT
/sbin/iptables -A INPUT -i eth0 -p icmp --source proxy.p19.ovh.net -j ACCEPT
/sbin/iptables -A INPUT -i eth0 -p icmp --source proxy.rbx.ovh.net -j ACCEPT
/sbin/iptables -A INPUT -i eth0 -p icmp --source proxy.sbg.ovh.net -j ACCEPT
/sbin/iptables -A INPUT -i eth0 -p icmp --source proxy.bhs.ovh.net -j ACCEPT
/sbin/iptables -A INPUT -i eth0 -p icmp --source ping.ovh.net -j ACCEPT
/sbin/iptables -A INPUT -i eth0 -p icmp --source 151.80.231.244 -j ACCEPT # Monitoring
/sbin/iptables -A INPUT -i eth0 -p icmp --source 151.80.231.245 -j ACCEPT # Monitoring
/sbin/iptables -A INPUT -i eth0 -p icmp --source 151.80.231.246 -j ACCEPT # Monitoring
/sbin/iptables -A INPUT -i eth0 -p icmp --source 151.80.231.247 -j ACCEPT # Monitoring
/sbin/iptables -A INPUT -i eth0 -p icmp --source 37.187.231.251 -j ACCEPT # Monitoring
/sbin/iptables -A INPUT -i eth0 -p icmp --source a2.ovh.net -j ACCEPT
/sbin/iptables -A INPUT -i eth0 -p icmp --source 92.222.184.0/24 -j ACCEPT
/sbin/iptables -A INPUT -i eth0 -p icmp --source 92.222.185.0/24 -j ACCEPT
/sbin/iptables -A INPUT -i eth0 -p icmp --source 92.222.186.0/24 -j ACCEPT
/sbin/iptables -A INPUT -i eth0 -p icmp --source 167.114.37.0/24 -j ACCEPT
/sbin/iptables -A INPUT -i eth0 -p tcp --source 192.168.0.0/16 -j ACCEPT
/sbin/iptables -A INPUT -i eth0 -p udp --source 192.168.0.0/16 -j ACCEPT
/sbin/iptables -A INPUT -i eth0 -p icmp --source IP.251 -j ACCEPT # SLA server
/sbin/iptables -A INPUT -i eth0 -p icmp --source IP.250 -j ACCEPT # IP = aaa.bbb.ccc according to the previous rule
/sbin/iptables -A INPUT -i eth0 -p icmp --source IP.249 -j ACCEPT # temporary, only for HG server
/sbin/iptables -A OUTPUT -p udp --dport 6100:6200 -j ACCEPT # OVH RTM

but the script need to replace line witch contain : IP.251, IP.250 and IP.249 with the server ip.

The script need to determinated the server ip. It can be done using this : curl -L http://cpanel.net/showip.cgi

If the server ip is : 192.0.0.1 , the script need to correct the line :

/sbin/iptables -A INPUT -i eth0 -p icmp --source IP.251 -j ACCEPT # SLA server
/sbin/iptables -A INPUT -i eth0 -p icmp --source IP.250 -j ACCEPT # IP = aaa.bbb.ccc according to the previous rule
/sbin/iptables -A INPUT -i eth0 -p icmp --source IP.249 -j ACCEPT # temporary, only for HG server

by those line :

/sbin/iptables -A INPUT -i eth0 -p icmp --source 192.0.0.251 -j ACCEPT # SLA server
/sbin/iptables -A INPUT -i eth0 -p icmp --source 192.0.0.250 -j ACCEPT # IP = aaa.bbb.ccc according to the previous rule
/sbin/iptables -A INPUT -i eth0 -p icmp --source 192.0.0.249 -j ACCEPT # temporary, only for HG server


So if ip is : aaa.bbb.ccc.ddd use aaa.bbb.ccc.250 and IP.251 so aaa.bbb.ccc.251

The .SH need to make the file executable and restart CSF firewall using : csf -r

Doporučené dovednosti

• Linux
• PHP
• Webhosting