- # !/bin/bash
- ###################
- ##### Funcoes #####
- ###################
# Load the settings shared by the rule helpers.
# Globals: portas_altas (written) - port range in iptables "first:last"
#          form, used as the client-side range by the protocol rules.
Configuracao() {
  portas_altas='1024:65535'
}
- # Comando
# Print the "activating firewall" banner and switch the filter table to
# default-deny by setting the policy of INPUT, OUTPUT and FORWARD to DROP.
# Outputs: banner on stdout.
# Returns: status of the last iptables call.
#
# NOTE(review): no loopback or established-connection exception is added
# here, so from this point every packet that is not matched by an existing
# ACCEPT rule is dropped - including a remote administration session that
# was used to start the script.
Firewall_Ativar() {
  local cadeia

  # Banner
  clear
  echo ""
  echo -e "\033[01;37m --------------------- \033[01;37m"
  echo -e "\033[01;36m * Ativando Firewall * \033[01;37m"
  echo -e "\033[01;37m --------------------- \033[01;37m"
  echo -e ""

  # Default policy DROP on every built-in chain of the filter table.
  for cadeia in INPUT OUTPUT FORWARD; do
    iptables -t filter -P "$cadeia" DROP
  done
}
# Print the rule-listing banner, then dump the filter table twice: first
# numeric and verbose with counters (-nvL), then the plain listing (-L).
# Both listings carry rule numbers, which are the positions expected by
# the delete option of the menu.
# Outputs: banner, both listings and a red separator after each one.
Regra_Lista() {
  local -r separador="\n\033[01;31m --------------------------------------------------------------------- \033[01;37m\n"

  # Banner
  clear
  echo ""
  echo -e "\033[01;37m ---------------------- \033[01;37m"
  echo -e "\033[01;36m * Listagem de regras * \033[01;37m"
  echo -e "\033[01;37m ---------------------- \033[01;37m"
  echo -e ""

  # Detailed listing: numeric addresses/ports, counters, rule numbers.
  iptables -t filter -nvL --line-number
  echo -e "$separador"

  # Short listing with rule numbers only.
  iptables -t filter -L --line-number
  echo -e "$separador"
}
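# Print the "rules reset" banner and empty the filter table: flush every
# rule, then delete the user-defined chains.
# Outputs: banner on stdout.
# Returns: status of the last iptables call.
#
# NOTE(review): only rules and user chains are removed; the chain policies
# are left as they are. While the policies are DROP (the state set at
# startup), a flush therefore leaves the host with no ACCEPT rule at all.
Regra_Limpeza() {
  # Banner
  clear
  echo ""
  echo -e "\033[01;37m ---------------------- \033[01;37m"
  echo -e "\033[01;36m * Regras reiniciadas * \033[01;37m"
  echo -e "\033[01;37m ---------------------- \033[01;37m"
  echo ""

  # Flush first: -X refuses to delete a user-defined chain that still
  # holds rules or is still referenced, so running it before -F fails
  # whenever such chains exist.
  iptables -t filter -F
  iptables -t filter -X
}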
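# Ask for a rule position and delete the rule at that position from both
# the INPUT and the OUTPUT chain of the filter table (the helpers in this
# script append their rules in INPUT/OUTPUT pairs).
# Inputs:  one line from stdin - the rule number.
# Outputs: banner and prompt on stdout, validation error on stderr.
# Returns: 1 if the position is not a positive integer, otherwise the
#          status of the last iptables call.
Regra_Deletar() {
  local pos

  # Banner
  clear
  echo ""
  echo -e "\033[01;37m -------------------- \033[01;37m"
  echo -e "\033[01;36m * Delecao de regra * \033[01;37m"
  echo -e "\033[01;37m -------------------- \033[01;37m"
  echo ""
  echo -e -n "\033[01;35m - Posicao: \033[01;37m"
  read -r pos

  # The value is passed to iptables, which runs with root privileges.
  # Accept only a plain positive rule number so the input cannot be
  # word-split into additional arguments or options.
  if [[ ! $pos =~ ^[1-9][0-9]*$ ]]; then
    echo -e "\033[01;31m * Posicao invalida: informe um numero inteiro positivo * \033[01;37m" >&2
    return 1
  fi

  # Delete the rule at the given position in each chain.
  iptables -t filter -D INPUT "$pos"
  iptables -t filter -D OUTPUT "$pos"
}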
# Print the "disable firewall" banner and set the policy of INPUT, OUTPUT
# and FORWARD in the filter table to ACCEPT.
# Outputs: banner on stdout.
# Returns: status of the last iptables call.
#
# NOTE(review): existing rules are not touched; only the default verdict
# for unmatched packets changes, so after this call every packet that no
# rule drops is allowed through.
Regra_Desativar_Firewall() {
  local cadeia

  # Banner
  clear
  echo ""
  echo -e "\033[01;37m ---------------------- \033[01;37m"
  echo -e "\033[01;36m * Desativar firewall * \033[01;37m"
  echo -e "\033[01;37m ---------------------- \033[01;37m"
  echo ""

  # Default policy ACCEPT on every built-in chain of the filter table.
  for cadeia in INPUT OUTPUT FORWARD; do
    iptables -t filter -P "$cadeia" ACCEPT
  done
}
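# Ask for a TCP port and open it for a service on this host: accept
# inbound packets to that destination port and outbound packets from that
# source port, for any peer address.
# Inputs:  one line from stdin - a port "N" or a range "N:M", 0..65535.
# Outputs: banner, prompt and confirmation on stdout, validation error on
#          stderr.
# Returns: 1 if the input is not a valid port or range, 0 otherwise.
#
# NOTE(review): the rules match any source/destination address; restrict
# them by address when the service is not meant to be reachable from
# everywhere.
Liberando_Porta() {
  local porta inicio fim
  local -r formato='^([0-9]{1,5})(:([0-9]{1,5}))?$'

  # Banner
  clear
  echo ""
  echo -e "\033[01;37m ------------------- \033[01;37m"
  echo -e "\033[01;36m * Liberando porta * \033[01;37m"
  echo -e "\033[01;37m ------------------- \033[01;37m"
  echo ""
  echo -e -n "\033[01;35m - Porta: \033[01;37m"
  read -r porta

  # The value ends up on an iptables command line executed as root.
  # Accept only digits (optionally a first:last range) so it cannot be
  # split into extra arguments or options.
  if [[ ! $porta =~ $formato ]]; then
    echo -e "\033[01;31m * Porta invalida: use N ou N:M entre 0 e 65535 * \033[01;37m" >&2
    return 1
  fi

  # 10# forces base 10 so a leading zero is not read as octal.
  inicio=$((10#${BASH_REMATCH[1]}))
  fim=$inicio
  if [[ -n ${BASH_REMATCH[3]} ]]; then
    fim=$((10#${BASH_REMATCH[3]}))
  fi
  if ((inicio > 65535 || fim > 65535 || inicio > fim)); then
    echo -e "\033[01;31m * Porta invalida: use N ou N:M entre 0 e 65535 * \033[01;37m" >&2
    return 1
  fi

  # Inbound to the port, outbound from the port.
  iptables -t filter -A INPUT -p TCP --dport "$porta" -j ACCEPT
  iptables -t filter -A OUTPUT -p TCP --sport "$porta" -j ACCEPT

  # Confirmation
  echo ""
  echo -e "\033[01;37m -------------------- \033[01;37m"
  echo -e "\033[01;36m * Porta: $porta * \033[01;37m"
  echo -e "\033[01;36m * Status: Liberado * \033[01;37m"
  echo -e "\033[01;37m -------------------- \033[01;37m"
  echo ""
}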
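# Open a fixed set of services on this host. For each TCP service the
# INPUT rule accepts packets from the high-port range to the service port
# and the OUTPUT rule accepts the replies; ICMP is accepted in both
# directions without further matching.
# Globals: portas_altas (read) - client port range, "first:last".
# Outputs: banner and summary on stdout.
#
# Rules are appended in this order (it determines the rule positions):
# SSH 22, DNS 53, FTP 21, ICMP, HTTP 80, HTTPS 443, MySQL 3306.
#
# NOTE(review): every rule matches any peer address, which exposes MySQL
# (3306) and FTP (21) to all networks; consider limiting those by source
# address. DNS is opened for TCP only and FTP for port 21 only, and all
# ICMP types are accepted.
Liberando_Protocolos_Principais() {
  local servico

  # Banner
  clear
  echo ""
  echo -e "\033[01;37m ------------------------- \033[01;37m"
  echo -e "\033[01;36m * Protocolos principais * \033[01;37m"
  echo -e "\033[01;37m ------------------------- \033[01;37m"
  echo ""

  for servico in 22 53 21 ICMP 80 443 3306; do
    if [[ $servico == ICMP ]]; then
      iptables -t filter -A INPUT -p ICMP -j ACCEPT
      iptables -t filter -A OUTPUT -p ICMP -j ACCEPT
    else
      # The range is quoted and spelled the same way in every rule; the
      # original HTTPS OUTPUT rule expanded a misspelled variable glued to
      # "-j", which left --dport without a value.
      iptables -t filter -A INPUT -p TCP --sport "$portas_altas" --dport "$servico" -j ACCEPT
      iptables -t filter -A OUTPUT -p TCP --sport "$servico" --dport "$portas_altas" -j ACCEPT
    fi
  done

  # Summary
  echo ""
  echo -e "\033[01;37m -------------------- \033[01;37m"
  echo -e "\033[01;36m * Pacote: SSH \033[01;37m"
  echo -e "\033[01;36m * Pacote: DNS \033[01;37m"
  echo -e "\033[01;36m * Pacote: FTP \033[01;37m"
  echo -e "\033[01;36m * Pacote: ICMP \033[01;37m"
  echo -e "\033[01;36m * Pacote: HTTP \033[01;37m"
  echo -e "\033[01;36m * Pacote: HTTPS \033[01;37m"
  echo -e "\033[01;36m * Pacote: MYSQL \033[01;37m"
  echo -e "\033[01;36m * Status: Liberado \033[01;37m"
  echo -e "\033[01;37m -------------------- \033[01;37m"
  echo ""
}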
- ####################
- ##### IPTABLES #####
- ####################
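# Startup: load the shared settings, then put the filter table in
# default-deny (policy DROP on every chain).
Configuracao
Firewall_Ativar

# Interactive menu. Runs until stdin is closed or the process is
# interrupted; the firewall state is left as last configured.
while true; do
  # Menu header with the current date.
  clear
  echo ""
  echo -e "\033[01;36m --------------- DATA --------------- \033[01;37m"
  echo -e "\033[01;31m * Num: $(date +%d) \033[01;37m"
  echo -e "\033[01;32m * Dia: $(date +%a) \033[01;37m"
  echo -e "\033[01;33m * Mes: $(date +%b) \033[01;37m"
  echo -e "\033[01;34m * Ano: $(date +%Y) \033[01;37m"
  # NOTE(review): this status line is a fixed string; it still reads
  # "Firewall Ativado" after option 4 has set every policy to ACCEPT.
  echo -e "\033[01;35m * Status: Firewall Ativado \033[01;37m"
  echo -e "\033[01;36m ------------------------------------ \033[01;37m"
  echo -e ""
  echo -e "\033[01;37m ################################# FIREWALL ################################## \033[01;37m\n"
  echo -e "\033[01;33m [1] Regras [lista] \033[01;37m"
  echo -e "\033[01;33m [2] Regras [limpeza] \033[01;37m"
  echo -e "\033[01;33m [3] Regras [deletar] \033[01;37m"
  echo -e "\033[01;33m [4] Regras [desativar firewall] \033[01;37m"
  echo -e ""
  echo -e "\033[01;34m [5] Liberando [porta] \033[01;37m"
  echo -e "\033[01;34m [6] Liberando [protocolos principais] \033[01;37m"
  echo ""
  echo -e "\033[01;37m ############################################################################# \033[01;37m\n"
  echo -e -n "\n\033[01;34m + Opc: \033[01;37m"

  # Leave the loop when stdin is closed; without this check a failed read
  # makes the menu redraw forever in a busy loop.
  read -r opc || break
  echo ""

  # Dispatch the chosen option; anything else just redraws the menu.
  case "$opc" in
    1) Regra_Lista ;;
    2) Regra_Limpeza ;;
    3) Regra_Deletar ;;
    4) Regra_Desativar_Firewall ;;
    5) Liberando_Porta ;;
    6) Liberando_Protocolos_Principais ;;
    *) ;;
  esac

  # Keep the result on screen until the operator presses ENTER.
  echo -e "\n\033[01;32m =-=-= Press [ENTER] =-=-= \033[01;37m\n"
  read -r _ || break
done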