.SH automatic script
- Stav: Closed
- Odměna: $20
- Přijatých návrhů: 3
- Vítěz: AhmedSaberfl
Instrukce k soutěži
Hi,
I need to create a .SH that will do this :
Create a file : /etc/csf/csfpre.sh file consisting of below contents
#!/bin/bash
/sbin/iptables -A INPUT -i eth0 -p tcp --dport 22 --source cache.ovh.net -j ACCEPT
/sbin/iptables -A INPUT -i eth0 -p icmp --source proxy.ovh.net -j ACCEPT
/sbin/iptables -A INPUT -i eth0 -p icmp --source proxy.p19.ovh.net -j ACCEPT
/sbin/iptables -A INPUT -i eth0 -p icmp --source proxy.rbx.ovh.net -j ACCEPT
/sbin/iptables -A INPUT -i eth0 -p icmp --source proxy.sbg.ovh.net -j ACCEPT
/sbin/iptables -A INPUT -i eth0 -p icmp --source proxy.bhs.ovh.net -j ACCEPT
/sbin/iptables -A INPUT -i eth0 -p icmp --source ping.ovh.net -j ACCEPT
/sbin/iptables -A INPUT -i eth0 -p icmp --source 151.80.231.244 -j ACCEPT # Monitoring
/sbin/iptables -A INPUT -i eth0 -p icmp --source 151.80.231.245 -j ACCEPT # Monitoring
/sbin/iptables -A INPUT -i eth0 -p icmp --source 151.80.231.246 -j ACCEPT # Monitoring
/sbin/iptables -A INPUT -i eth0 -p icmp --source 151.80.231.247 -j ACCEPT # Monitoring
/sbin/iptables -A INPUT -i eth0 -p icmp --source 37.187.231.251 -j ACCEPT # Monitoring
/sbin/iptables -A INPUT -i eth0 -p icmp --source a2.ovh.net -j ACCEPT
/sbin/iptables -A INPUT -i eth0 -p icmp --source 92.222.184.0/24 -j ACCEPT
/sbin/iptables -A INPUT -i eth0 -p icmp --source 92.222.185.0/24 -j ACCEPT
/sbin/iptables -A INPUT -i eth0 -p icmp --source 92.222.186.0/24 -j ACCEPT
/sbin/iptables -A INPUT -i eth0 -p icmp --source 167.114.37.0/24 -j ACCEPT
/sbin/iptables -A INPUT -i eth0 -p tcp --source 192.168.0.0/16 -j ACCEPT
/sbin/iptables -A INPUT -i eth0 -p udp --source 192.168.0.0/16 -j ACCEPT
/sbin/iptables -A INPUT -i eth0 -p icmp --source IP.251 -j ACCEPT # SLA server
/sbin/iptables -A INPUT -i eth0 -p icmp --source IP.250 -j ACCEPT # IP = aaa.bbb.ccc according to the previous rule
/sbin/iptables -A INPUT -i eth0 -p icmp --source IP.249 -j ACCEPT # temporary, only for HG server
/sbin/iptables -A OUTPUT -p udp --dport 6100:6200 -j ACCEPT # OVH RTM
but the script need to replace line witch contain : IP.251, IP.250 and IP.249 with the server ip.
The script need to determinated the server ip. It can be done using this : curl -L http://cpanel.net/showip.cgi
If the server ip is : 192.0.0.1 , the script need to correct the line :
/sbin/iptables -A INPUT -i eth0 -p icmp --source IP.251 -j ACCEPT # SLA server
/sbin/iptables -A INPUT -i eth0 -p icmp --source IP.250 -j ACCEPT # IP = aaa.bbb.ccc according to the previous rule
/sbin/iptables -A INPUT -i eth0 -p icmp --source IP.249 -j ACCEPT # temporary, only for HG server
by those line :
/sbin/iptables -A INPUT -i eth0 -p icmp --source 192.0.0.251 -j ACCEPT # SLA server
/sbin/iptables -A INPUT -i eth0 -p icmp --source 192.0.0.250 -j ACCEPT # IP = aaa.bbb.ccc according to the previous rule
/sbin/iptables -A INPUT -i eth0 -p icmp --source 192.0.0.249 -j ACCEPT # temporary, only for HG server
So if ip is : aaa.bbb.ccc.ddd use aaa.bbb.ccc.250 and IP.251 so aaa.bbb.ccc.251
The .SH need to make the file executable and restart CSF firewall using : csf -r
Doporučené dovednosti
Zpětná vazba od zaměstnavatele
“Fast answer, script working fine, i will probably ask him for another project. Thanks”
knsk123, Canada.
Nejlepší návrhy této soutěže
-
AhmedSaberfl Egypt
-
cranz32 Philippines
-
AhmedSaberfl Egypt
Veřejná nástěnka k vyjasnění projektu
Jak začít se soutěžemi
-
Zveřejněte svou soutěž Rychlé a snadné
-
Získejte spousty návrhů Z celého světa
-
Zvolte nejlepší návrh Stáhněte si soubory - Je to snadné!