From c4df1a9a50f37d1aa5f7570f38a993cc09716bf1 Mon Sep 17 00:00:00 2001
From: Steven Foerster
Date: Wed, 18 Aug 2021 10:40:18 -0400
Subject: [PATCH 1/4] iptables in oracle
---
 scripts/install.sh | 27 ++++++++++++++++++++++-----
 1 file changed, 22 insertions(+), 5 deletions(-)
diff --git a/scripts/install.sh b/scripts/install.sh
index 0924e86..4c86999 100755
--- a/scripts/install.sh
+++ b/scripts/install.sh
@@ -105,13 +105,30 @@ source ./scripts/subinstallers/platform.sh
 # iptables
 echo "Setting up firewall (iptables)"
-if [ ! -f "/etc/iptables/rules.v4" ]; then
- echo "Setting iptables rules..."
- ./scripts/subinstallers/iptables.sh
-else
- echo "iptables rules exist. Leaving alone."
+if [ -f "/etc/iptables/rules.v4" ]; then
+ echo "Caution: iptables rules exist."
+
+ read -p "Would you like to Clear (C) existing iptables rules or Add (A) to existing rules (this may cause problems)?" MISTBORN_IPTABLES_ACTION
+ echo
+
+ if [[ "${MISTBORN_IPTABLES_ACTION}" =~ ^([cC])$ ]]; then
+ # clear
+ sudo rm -rf /etc/iptables/rules.v4
+ sudo rm -rf /etc/iptables/rules.v6 || true
+
+ elif [[ "${MISTBORN_IPTABLES_ACTION}" =~ ^([aA])$ ]]; then
+ # do nothing
+ echo "Proceeding..."
+
+ else
+ echo "Unrecognized action: stopping"
+ exit 1;
+
+ fi
 fi
+echo "Setting iptables rules..."
+source ./scripts/subinstallers/iptables.sh
 # SSH Server
 sudo -E apt-get install -y openssh-server
From 31dfd20b1268353e9042dbe1c829f6ed1ca2ae86 Mon Sep 17 00:00:00 2001
From: Steven Foerster
Date: Wed, 18 Aug 2021 10:43:30 -0400
Subject: [PATCH 2/4] iptables current rules reset
---
 scripts/install.sh | 9 +++++++++
 1 file changed, 9 insertions(+)
diff --git a/scripts/install.sh b/scripts/install.sh
index 4c86999..0afb353 100755
--- a/scripts/install.sh
+++ b/scripts/install.sh
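Review bot: In the first patch's hunk (PATCH 1/4, the new clear branch), `sudo rm -rf /etc/iptables/rules.v4` deletes the host's persisted firewall policy without keeping a copy, so a mistyped `c` or a failure later in the install leaves nothing to restore from. Keep a backup before removing it, e.g. `sudo cp -a /etc/iptables/rules.v4 /etc/iptables/rules.v4.bak` (backup name is a placeholder), and use `rm -f` since these are plain files. The prompt uses `read -p` without `-r` and always overwrites MISTBORN_IPTABLES_ACTION, so a run with no TTY ends in the "Unrecognized action" exit where the old code left existing rules alone; prompting only when the variable is unset would keep unattended installs working. The change from executing `./scripts/subinstallers/iptables.sh` to `source` makes that script run inside the installer's own shell; its contents are not visible here, so confirm it does not depend on its own `exit` or shell options.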
@@ -113,8 +113,17 @@ if [ -f "/etc/iptables/rules.v4" ]; then
 if [[ "${MISTBORN_IPTABLES_ACTION}" =~ ^([cC])$ ]]; then
 # clear
+ echo "Clearing existing iptables rules..."
 sudo rm -rf /etc/iptables/rules.v4
+ sudo iptables -F
+ sudo iptables -t nat -F
+ sudo iptables -P INPUT ACCEPT
+ sudo iptables -P FORWARD ACCEPT
 sudo rm -rf /etc/iptables/rules.v6 || true
+ sudo ip6tables -F || true
+ sudo ip6tables -t nat -F || true
+ sudo ip6tables -P INPUT ACCEPT || true
+ sudo ip6tables -P FORWARD ACCEPT || true
 elif [[ "${MISTBORN_IPTABLES_ACTION}" =~ ^([aA])$ ]]; then
 # do nothing
From 8fc09d5f1fce877ae3cf26af08770b16f3e51e35 Mon Sep 17 00:00:00 2001
From: Steven Foerster
Date: Wed, 18 Aug 2021 10:45:26 -0400
Subject: [PATCH 3/4] prompt
---
 scripts/install.sh | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/scripts/install.sh b/scripts/install.sh
index 0afb353..42dbc04 100755
--- a/scripts/install.sh
+++ b/scripts/install.sh
@@ -108,7 +108,7 @@ echo "Setting up firewall (iptables)"
 if [ -f "/etc/iptables/rules.v4" ]; then
 echo "Caution: iptables rules exist."
- read -p "Would you like to Clear (C) existing iptables rules or Add (A) to existing rules (this may cause problems)?" MISTBORN_IPTABLES_ACTION
+ read -p "Would you like to Clear (C) existing iptables rules or Add (A) to existing rules (this may cause problems)? [c/a]" MISTBORN_IPTABLES_ACTION
 echo
 if [[ "${MISTBORN_IPTABLES_ACTION}" =~ ^([cC])$ ]]; then
From a6e427fe6cc791c9c8950bc38cb926ac9fbc5f16 Mon Sep 17 00:00:00 2001
From: Steven Foerster
Date: Wed, 18 Aug 2021 10:56:18 -0400
Subject: [PATCH 4/4] spacing
---
 scripts/install.sh | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/scripts/install.sh b/scripts/install.sh
index 42dbc04..6587567 100755
--- a/scripts/install.sh
+++ b/scripts/install.sh
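Review bot: In the second patch's hunk (PATCH 2/4, the clear branch), flushing the filter and nat tables and then setting `-P INPUT ACCEPT` and `-P FORWARD ACCEPT` leaves the host with no packet filtering until the sourced iptables.sh has installed its rules. If the installer stops in between, the machine stays open with its saved rules already deleted. Snapshot the live ruleset before the flush, e.g. `sudo iptables-save | sudo tee <backup-path>.v4 >/dev/null` (placeholder path), so the earlier state can be brought back with `iptables-restore` when a later step fails. The reset is also partial: the OUTPUT policy is never set, so a host that had an OUTPUT policy of DROP would lose outbound traffic once its allow rules are flushed, and user-defined chains and the other tables are left as they were. The enclosing if/elif block starts and ends outside this hunk.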
@@ -108,7 +108,7 @@ echo "Setting up firewall (iptables)"
 if [ -f "/etc/iptables/rules.v4" ]; then
 echo "Caution: iptables rules exist."
- read -p "Would you like to Clear (C) existing iptables rules or Add (A) to existing rules (this may cause problems)? [c/a]" MISTBORN_IPTABLES_ACTION
+ read -p "Would you like to Clear (C) existing iptables rules or Add (A) to existing rules (this may cause problems)? [c/a] " MISTBORN_IPTABLES_ACTION
 echo
 if [[ "${MISTBORN_IPTABLES_ACTION}" =~ ^([cC])$ ]]; then