From 6626ba34bf420fd9e6467bf535da5845eff8d6ba Mon Sep 17 00:00:00 2001 From: Serghey Rodin Date: Tue, 3 Nov 2015 01:00:44 +0200 Subject: [PATCH] Firewall support enable/disable --- bin/v-add-sys-firewall | 57 +++++++++++++++++++++++++++++++++++++++ bin/v-delete-sys-firewall | 48 +++++++++++++++++++++++++++++++++ 2 files changed, 105 insertions(+) create mode 100755 bin/v-add-sys-firewall create mode 100755 bin/v-delete-sys-firewall diff --git a/bin/v-add-sys-firewall b/bin/v-add-sys-firewall new file mode 100755 index 000000000..47676e9e8 --- /dev/null +++ b/bin/v-add-sys-firewall @@ -0,0 +1,57 @@ +#!/bin/bash +# info: add system firewall +# opions: NONE +# +# The script enables firewall + + +#----------------------------------------------------------# +# Variable&Function # +#----------------------------------------------------------# + +# Includes +source $VESTA/func/main.sh +source $VESTA/conf/vesta.conf + + +#----------------------------------------------------------# +# Verifications # +#----------------------------------------------------------# + +if [ "$FIREWALL_SYSTEM" = 'iptables' ]; then + exit +fi + + +#----------------------------------------------------------# +# Action # +#----------------------------------------------------------# + +# Adding firewall directory +mkdir -p $VESTA/data/firewall/ + +# Adding default ruleset +if [ ! -e "$VESTA/data/firewall/rules.conf" ]; then + cp $VESTA/install/rhel/7/* $VESTA/data/firewall/ +fi + +# Updating FIREWAL_SYSTEM value +if [ -z "$(grep FIREWALL_SYSTEM $VESTA/conf/vesta.conf)" ]; then + echo "FIREWALL_SYSTEM='iptables'" >> $VESTA/conf/vesta.conf +else + sed -i "s/FIREWALL_SYSTEM.*/FIREWALL_SYSTEM='iptables'/g" \ + $VESTA/conf/vesta.conf +fi + +# Updating firewall rules +$BIN/v-update-firewall + + +#----------------------------------------------------------# +# Vesta # +#----------------------------------------------------------# + +# Logging +log_event "$OK" "$EVENT" + +exit diff --git a/bin/v-delete-sys-firewall b/bin/v-delete-sys-firewall new file mode 100755 index 000000000..e1f512401 --- /dev/null +++ b/bin/v-delete-sys-firewall @@ -0,0 +1,48 @@ +#!/bin/bash +# info: delete system firewall +# opions: NONE +# +# The script disables firewall support + + +#----------------------------------------------------------# +# Variable&Function # +#----------------------------------------------------------# + +# Includes +source $VESTA/func/main.sh +source $VESTA/conf/vesta.conf + + +#----------------------------------------------------------# +# Verifications # +#----------------------------------------------------------# + +if [ -z "$FIREWALL_SYSTEM" ]; then + exit +fi + + +#----------------------------------------------------------# +# Action # +#----------------------------------------------------------# + +# Stopping firewall +$BIN/v-stop-firewall + +# Updating FIREWALL_SYSTEM value +if [ -z "$(grep FIREWALL_SYSTEM $VESTA/conf/vesta.conf)" ]; then + echo "FIREWALL_SYSTEM=''" >> $VESTA/conf/vesta.conf +else + sed -i "s/FIREWALL_SYSTEM=.*/FIREWALL_SYSTEM=''/g" $VESTA/conf/vesta.conf +fi + + +#----------------------------------------------------------# +# Vesta # +#----------------------------------------------------------# + +# Logging +log_event "$OK" "$EVENT" + +exit