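#!/bin/bash
#
# Manage Core Nest ports using iptables
#
# Usage: sudo ./iptables.sh [open|close]
#
# Reads one TCP port (or a numeric "first:last" range) per line from the
# "ports" file that sits next to this script, then adds ("open") or removes
# ("close") the matching ACCEPT rule in the INPUT chain.
#
# Security notes for operators:
#   - "open" uses `iptables -I`, which inserts at the top of INPUT. The ACCEPT
#     is therefore evaluated before any DROP/REJECT rule further down, and it
#     has no source match: the port is accepted from every address.
#   - "close" only removes the ACCEPT rule this script manages. Whether the
#     port is unreachable afterwards depends on the chain policy and on the
#     other rules in INPUT.
#   - Only IPv4 (iptables) is handled; ip6tables is not touched.
#   - The ports file is consumed as root. Keep it, and this script's
#     directory, writable by root only.
#   - Entries must be numeric; anything else is reported and skipped instead
#     of being handed to iptables.

set -euo pipefail

SCRIPT_DIR="$(cd -- "$(dirname -- "$0")" && pwd)"
PORTS_FILE="$SCRIPT_DIR/ports"

# Return 0 when $1 is a port number 0-65535 or a "first:last" pair of them.
is_valid_port_spec() {
  local spec=$1
  [[ "$spec" =~ ^[0-9]{1,5}(:[0-9]{1,5})?$ ]] || return 1
  # For a single port both expansions yield the same value.
  local first=${spec%%:*}
  local last=${spec##*:}
  # 10# forces base 10 so a leading zero is not parsed as octal.
  ((10#$first <= 65535 && 10#$last <= 65535))
}

if [ "$EUID" -ne 0 ]; then
  echo "Error: This script must be run as root (use sudo)" >&2
  exit 1
fi

if [ ! -f "$PORTS_FILE" ]; then
  echo "Error: ports file not found at $PORTS_FILE" >&2
  exit 1
fi

ACTION="${1:-}"
if [ "$ACTION" != "open" ] && [ "$ACTION" != "close" ]; then
  echo "Usage: sudo $0 [open|close]" >&2
  exit 1
fi

# Fail early with a clear message rather than half-way through the list.
if ! command -v iptables >/dev/null 2>&1; then
  echo "Error: iptables not found in PATH" >&2
  exit 1
fi

if [ "$ACTION" = "open" ]; then
  echo "=== Opening Core Nest Ports (iptables) ==="
else
  echo "=== Closing Core Nest Ports (iptables) ==="
fi
echo ""

# Read ports and apply action
invalid=0
while IFS= read -r line || [ -n "$line" ]; do
  # Drop comments (full-line or trailing) and all whitespace, including tabs
  # and the carriage return left by CRLF files, before looking at the value.
  entry=${line%%#*}
  port=${entry//[[:space:]]/}
  if [[ -z "$port" ]]; then
    continue
  fi

  # Reject anything that is not a numeric port or range. Without this check a
  # malformed line makes `iptables -I` fail and `set -e` aborts the run with
  # only part of the list applied.
  if ! is_valid_port_spec "$port"; then
    # %q keeps control characters from the file out of the terminal.
    printf ' Skipping invalid entry: %q\n' "$line" >&2
    invalid=$((invalid + 1))
    continue
  fi

  # NOTE: `iptables -C` exits non-zero both when the rule is absent and when
  # the check itself fails; stderr is discarded, so the two look the same here.
  if [ "$ACTION" = "open" ]; then
    # Open port
    if iptables -C INPUT -p tcp --dport "$port" -j ACCEPT 2>/dev/null; then
      echo " Port $port: Already open"
    else
      echo " Port $port: Opening..."
      iptables -I INPUT -p tcp --dport "$port" -j ACCEPT
      echo " Port $port: ✓ Opened"
    fi
  else
    # Close port
    if iptables -C INPUT -p tcp --dport "$port" -j ACCEPT 2>/dev/null; then
      echo " Port $port: Closing..."
      # `-D` removes one matching rule per call; loop so that identical
      # duplicates do not leave the port accepted after "Closed" is printed.
      while iptables -C INPUT -p tcp --dport "$port" -j ACCEPT 2>/dev/null; do
        iptables -D INPUT -p tcp --dport "$port" -j ACCEPT
      done
      echo " Port $port: ✓ Closed"
    else
      echo " Port $port: Already closed"
    fi
  fi
done < "$PORTS_FILE"

echo ""
echo "=== Done ==="

if [ "$ACTION" = "open" ]; then
  echo ""
  echo "Note: iptables rules are not persistent across reboots."
  echo "To make persistent, install iptables-persistent:"
  echo " apt-get install iptables-persistent"
  echo " netfilter-persistent save"
fi

# Surface a malformed ports file to the caller instead of reporting success.
if [ "$invalid" -gt 0 ]; then
  echo "Error: $invalid invalid line(s) in $PORTS_FILE were skipped" >&2
  exit 1
fi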