
Install APF firewall

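#!/bin/bash
#
# Install the APF firewall from the vendor tarball and apply a site-specific
# port policy to /etc/apf/conf.apf.
#
# Usage:    run as root.
# Optional: APF_SHA256=<digest obtained from a trusted channel> to verify the
#           download before anything from it is executed.
#
# The previous configuration is kept as /etc/apf/conf.apf.SL.

set -u

die() {
  printf 'ERROR: %s\n' "$*" >&2
  exit 1
}

readonly SRC_DIR=/usr/local/src
readonly TARBALL=apf-current.tar.gz
readonly APF_URL=http://www.rfxnetworks.com/downloads/apf-current.tar.gz
readonly APF_CONF=/etc/apf/conf.apf

# If this cd fails, the recursive delete below would run in whatever
# directory the script was started from, so stop here.
cd "$SRC_DIR" || die "cannot cd to $SRC_DIR"
rm -rf -- ./apf*

# NOTE(review): the tarball is fetched over plain HTTP and its install.sh is
# then run as root, so anything able to alter the download controls the host.
# Set APF_SHA256 to a digest obtained out-of-band, or switch to a source that
# offers authenticated downloads.
wget -O "$TARBALL" -- "$APF_URL" || die "download of $APF_URL failed"

if [[ -n "${APF_SHA256:-}" ]]; then
  printf '%s  %s\n' "$APF_SHA256" "$TARBALL" | sha256sum -c - \
    || die "checksum mismatch for $TARBALL"
else
  printf 'WARNING: APF_SHA256 not set; %s was not verified\n' "$TARBALL" >&2
fi

tar -xvzf "$TARBALL" || die "could not extract $TARBALL"

# A bare apf* glob also matches the tarball itself, which hands cd two
# operands (recent bash releases reject that). Match directories only.
src_dirs=(apf*/)
[[ -d "${src_dirs[0]}" ]] || die "no extracted apf directory in $SRC_DIR"
cd -- "${src_dirs[0]}" || die "cannot cd to ${src_dirs[0]}"

# Stop on a failed install: carrying on would end with an empty file being
# moved into place as the firewall configuration.
sh install.sh || die "install.sh failed (status $?)"
printf '\n A.P.F Installed \n\n'

[[ -s "$APF_CONF" ]] || die "$APF_CONF is missing or empty"

# Create the working copy with cp -p so that it inherits the owner and mode of
# the live config; a file created by the redirection alone would get
# umask-derived permissions instead.
cp -p -- "$APF_CONF" "$APF_CONF.new" || die "cannot create $APF_CONF.new"

# NOTE(review): the port lists and the eth0 -> eth1 rewrite are site-specific.
# Trim the inbound list to the services this host actually runs, and note that
# the interface substitution touches every occurrence of eth0 in the file,
# comments included.
sed \
  -e 's/^IG_TCP_CPORTS.*/IG_TCP_CPORTS="21,22,25,53,80,110,143,443,2082,2083,2086,2087,2095,8443,2096,3000_3500"/' \
  -e 's/^IG_UDP_CPORTS.*/IG_UDP_CPORTS="53"/' \
  -e 's/eth0/eth1/g' \
  -e 's/^EG_TCP_CPORTS.*/EG_TCP_CPORTS="21,25,80,443,43"/' \
  -e 's/^EG_UDP_CPORTS.*/EG_UDP_CPORTS="20,21,53"/' \
  -e 's/^EGF="0"/EGF="1"/' \
  "$APF_CONF" > "$APF_CONF.new" \
  || { rm -f -- "$APF_CONF.new"; die "sed failed; $APF_CONF left untouched"; }

# Never swap in an empty result.
[[ -s "$APF_CONF.new" ]] \
  || { rm -f -- "$APF_CONF.new"; die "edited config is empty; $APF_CONF left untouched"; }

mv -- "$APF_CONF" "$APF_CONF.SL" || die "cannot back up $APF_CONF"
mv -- "$APF_CONF.new" "$APF_CONF" || die "cannot install edited $APF_CONF"

printf '\n\n APF Configuration Edited \n\n'
printf '\n Following changes made \n ============\n'
grep CPORTS "$APF_CONF" | grep -v '^#'
grep eth "$APF_CONF" | grep -v '^#'
grep EGF "$APF_CONF" | grep -v '^#'

printf '\n ============ \n \n'
# The inbound list above allows 22 only. If sshd listens on another port, add
# it to IG_TCP_CPORTS before the firewall is started, or remote access is cut
# off. No output here means no active Port line (sshd then uses its default).
printf 'Check SSH port is added \n\n'
grep -i '^port' /etc/ssh/sshd_config

# The config file is conf.apf (the original message said apf.conf).
# NOTE(review): as far as APF documents it, DEVEL_MODE makes the rules get
# flushed periodically, so the host is not continuously filtered until it is
# set to 0 - confirm against the installed version.
printf '\n Please set DEVEL_MODE to 0 in conf.apf if working fine !! \n \n'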
2019-08-23T07:52:29
apf, bash, firewall, linux