Subversion Repositories ALCASAR

Rev

Rev 2474 | Rev 3043 | Go to most recent revision | Show entire file | Ignore whitespace | Details | Blame | Last modification | View Log

Rev 2474 Rev 2957
Line 1... Line 1...
1
#!/bin/bash
1
#!/bin/bash
2
# $Id: alcasar-iptables-bypass.sh 2474 2017-12-30 02:00:04Z tom.houdayer $
2
# $Id: alcasar-iptables-bypass.sh 2957 2021-05-26 13:06:56Z rexy $
3
 
3
 
4
# alcasar-iptables-bypass.sh
4
# alcasar-iptables-bypass.sh
5
# by Rexy - 3abtux
5
# by Rexy - 3abtux
6
# This script is distributed under the Gnu General Public License (GPL)
6
# This script is distributed under the Gnu General Public License (GPL)
7
 
7
 
Line 17... Line 17...
17
EXTIF=`grep ^EXTIF= $CONF_FILE|cut -d"=" -f2`				# EXTernal InterFace
17
EXTIF=`grep ^EXTIF= $CONF_FILE|cut -d"=" -f2`				# EXTernal InterFace
18
INTIF=`grep ^INTIF= $CONF_FILE|cut -d"=" -f2`				# INTernal InterFace
18
INTIF=`grep ^INTIF= $CONF_FILE|cut -d"=" -f2`				# INTernal InterFace
19
PRIVATE_NETWORK_MASK=$private_network/$private_prefix			# Lan IP address + prefix (192.168.182.0/24)
19
PRIVATE_NETWORK_MASK=$private_network/$private_prefix			# Lan IP address + prefix (192.168.182.0/24)
20
PRIVATE_IP=`echo $private_ip_mask | cut -d"/" -f1`			# ALCASAR LAN IP address
20
PRIVATE_IP=`echo $private_ip_mask | cut -d"/" -f1`			# ALCASAR LAN IP address
21
public_ip_mask=`grep ^PUBLIC_IP= $CONF_FILE|cut -d"=" -f2`		# ALCASAR WAN IP address
21
public_ip_mask=`grep ^PUBLIC_IP= $CONF_FILE|cut -d"=" -f2`		# ALCASAR WAN IP address
-
 
22
if [[ "$public_ip_mask" == "dhcp" ]]
-
 
23
then
-
 
24
	PTN="\b(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\/([012]?[0-9]|3[0-2])\b"
-
 
25
	public_ip_mask=`ip addr show $EXTIF | egrep -o $PTN`
-
 
26
fi
22
PUBLIC_IP=`echo $public_ip_mask | cut -d"/" -f1`
27
PUBLIC_IP=`echo $public_ip_mask | cut -d"/" -f1`
23
SSH=`grep ^SSH= $CONF_FILE|cut -d"=" -f2`				# sshd active (on/off)
28
SSH=`grep ^SSH= $CONF_FILE|cut -d"=" -f2`				# sshd active (on/off)
24
SSH=${SSH:=off}
29
SSH=${SSH:=off}
25
SSH_ADMIN_FROM=`grep ^SSH_ADMIN_FROM= $CONF_FILE|cut -d"=" -f2`
30
SSH_ADMIN_FROM=`grep ^SSH_ADMIN_FROM= $CONF_FILE|cut -d"=" -f2`
26
SSH_ADMIN_FROM=${SSH_ADMIN_FROM:="0.0.0.0/0.0.0.0"}				# WAN IP address to reduce ssh access (all ip allowed on LAN side)
31
SSH_ADMIN_FROM=${SSH_ADMIN_FROM:="0.0.0.0/0.0.0.0"}				# WAN IP address to reduce ssh access (all ip allowed on LAN side)