0,0 → 1,93 |
#!/bin/bash |
|
# alcasar-ssh.sh |
# by Alexandre Vezin |
|
# enable/disable SSH on external NIC (EXTIF). Set the listen port on EXTIF |
# activation/désactivation de SSH sur la carte réseau externe (EXTIF). Définit le port d'écoute sur EXTIF |
|
SED="/bin/sed -i" |
CAT="/bin/cat" |
GREP="/bin/grep" |
ALCASAR_CONF="/usr/local/etc/alcasar.conf" |
SSH_CONF="/etc/ssh/sshd_config" |
|
usage="Usage: alcasar-ssh.sh {--off | -off} | {--on | -on} [-p port]" |
|
nb_args=$# |
args=$1 |
echo "Checking args" >> '/tmp/alcasar_sms_tmp.log' |
if [ $nb_args -eq 0 ] |
then |
echo "No args" >> '/tmp/alcasar_sms_tmp.log' |
echo "$usage" |
exit 1 |
fi |
|
while getopts ":p:" portarg; do |
case "${portarg}" in |
p) |
echo "Port check" >> '/tmp/alcasar_sms_tmp.log' |
SSH_PORT=${OPTARG} |
echo "Port : $SSH_PORT" >> /tmp/alcasar_sms_tmp.log |
if [ $SSH_PORT -lt 0 ] || [ $SSH_PORT -gt 65535 ] |
then |
echo "Invalid port" >> /tmp/alcasar_sms_tmp.log |
echo "The port $SSH_PORT is invalid" |
exit 1 |
fi |
;; |
esac |
done |
|
case $args in |
-\? | -h* | --h*) |
echo "$usage" |
exit 0 |
;; |
--off | -off) |
echo "off" >> '/tmp/alcasar_sms_tmp.log' |
# Editing Alcasar configuration - Deleting the port |
$SED "s/^SSH_WAN=.*/SSH_WAN=/g" $ALCASAR_CONF |
# Editing SSH configuration - Deleting any port other than 22 |
$SED "/^.*Port\s[0-9]*/{/\s22$/!d}" $SSH_CONF |
# Applying iptables |
/usr/local/bin/alcasar-iptables.sh |
# Restarting SSH |
/usr/bin/systemctl restart sshd |
exit 0 |
;; |
--on | -on) |
SSH_PORT=${SSH_PORT:=22} |
echo "on" >> '/tmp/alcasar_sms_tmp.log' |
$SED "s/^SSH_WAN=.*/SSH_WAN=$SSH_PORT/g" $ALCASAR_CONF |
# Checking if there is already a port other than set |
if [ `grep -E "^.*Port\s[0-9]*" /etc/ssh/sshd_config| grep -vEc "\s22$"` -gt 0 ] |
then |
if [ $SSH_PORT -ne 22 ] |
then |
# Editing SSH configuration - Changing any port other than 22 |
$SED "/\s22$/! s/^.*Port\s[0-9]*/Port $SSH_PORT/" $SSH_CONF |
else |
# Editing SSH configuration - Deleting any port other than 22 (as 22 port is used) |
$SED "/^.*Port\s[0-9]*/{/\s22$/!d}" $SSH_CONF |
fi |
else |
if [ $SSH_PORT -ne 22 ] |
then |
# Adding the new SSH port in the config |
echo "Port $SSH_PORT" >> $SSH_CONF |
fi |
fi |
# Applying iptables |
/usr/local/bin/alcasar-iptables.sh |
# Restarting SSH |
/usr/bin/systemctl restart sshd |
exit 0 |
;; |
*) |
echo "Argument inconnu : $1" |
echo "$usage" |
exit 1 |
;; |
esac |
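Review bot: The port check `if [ $SSH_PORT -lt 0 ] || [ $SSH_PORT -gt 65535 ]` does not reject non-numeric input: when `$SSH_PORT` is not an integer both `[` tests fail with an error and evaluate false, so the value passes and is later interpolated into `$SED "s/^SSH_WAN=.*/SSH_WAN=$SSH_PORT/g"` and appended to `$SSH_CONF`, in a script that rewrites sshd_config and so presumably runs as root. Gate it on digits first, e.g. `case "$SSH_PORT" in ''|*[!0-9]*) echo "The port $SSH_PORT is invalid"; exit 1;; esac`, and tighten the range to `[ "$SSH_PORT" -lt 1 ] || [ "$SSH_PORT" -gt 65535 ]`, since 0 is currently accepted. The debug lines appending to the fixed path `/tmp/alcasar_sms_tmp.log` should be dropped or sent to `logger` or a root-owned log directory, because a predictable file in a world-writable directory that a privileged script opens can be pre-created or symlinked by any local user. Both the `--on` and `--off` branches restart sshd without validating the edited file; running `sshd -t` first and aborting on failure would avoid losing remote access after a bad edit.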
Property changes: |
Added: svn:eol-style |
+native |
\ No newline at end of property |
Added: svn:executable |
+* |
\ No newline at end of property |