Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
home:illuusio
firewalld-ipdeny-ipsets
ipdeny-update-firewalld.sh.in
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File ipdeny-update-firewalld.sh.in of Package firewalld-ipdeny-ipsets
#!/bin/bash # Handles firewall part of the show function firewall_cmds { FIREWALLD_PARMS="--quiet --permanent" FIREWALLD_IPSET_NAME="ipdeny_com_${VERSION}" if [ -n "${VERBOSE}" ] then FIREWALLD_PARMS="--permanent" echo "firewall_cmds(): Version is '${VERSION}' and param is '${1}'" echo "firewall_cmds(): Basic FirewallD params: '${FIREWALLD_PARMS}'" fi if [ -x /usr/bin/firewall-cmd ] then case "${1}" in pre-create) OUTPUT_FILE=$(mktemp) FIREWALLD_FILE="/etc/firewalld/ipsets/${FIREWALLD_IPSET_NAME}.xml" IPDENY_ZONE_COUNT=$(ls -1 /usr/share/ipdeny/*.zone.xz 2>/dev/null | wc -l) if [ "${IPDENY_ZONE_COUNT}" != 0 ] then xzcat /usr/share/ipdeny/*.zone.xz | sort --unique > "${OUTPUT_FILE}" else touch "${OUTPUT_FILE}" fi sed -e "s#__CUR_VERSION__#${VERSION}#g" /usr/share/ipdeny/ipdeny_com_template.xml > "${FIREWALLD_FILE}" sed -e "s#\(.*\)# <entry>\1</entry>#g" "${OUTPUT_FILE}" >> "${FIREWALLD_FILE}" echo "</ipset>" >> "${FIREWALLD_FILE}" rm -f "${OUTPUT_FILE}" ;; add-entries) OUTPUT_FILE=$(mktemp) xzcat /usr/share/ipdeny/*.zone.xz | sort --unique > "${OUTPUT_FILE}" firewall-cmd ${FIREWALLD_PARMS} --ipset="${FIREWALLD_IPSET_NAME}" --add-entries-from-file="${OUTPUT_FILE}" rm -f "${OUTPUT_FILE}" ;; remove-entry) ;; create-ipset) firewall-cmd ${FIREWALLD_PARMS} --new-ipset="${FIREWALLD_IPSET_NAME}" --type=hash:net --option=family=inet --option=hashsize=4096 --option=maxelem=500000 firewall-cmd ${FIREWALLD_PARMS} --ipset="${FIREWALLD_IPSET_NAME}" --set-description="FirewallD IPDENY.COM Blocklist conversion ${VERSION}" firewall-cmd ${FIREWALLD_PARMS} --ipset="${FIREWALLD_IPSET_NAME}" --set-short="Firewalld IPDENY.COM" ;; remove-ipset) firewall-cmd ${FIREWALLD_PARMS} --delete-ipset="${FIREWALLD_IPSET_NAME}" ;; add-source) firewall-cmd ${FIREWALLD_PARMS} --zone="${ZONE}" --add-source="ipset:${FIREWALLD_IPSET_NAME}" ;; remove-source) firewall-cmd ${FIREWALLD_PARMS} --zone="${ZONE}" --remove-source="ipset:${FIREWALLD_IPSET_NAME}" ;; esac fi } if [ -z "${VERSION}" ] then VERSION=__CUR_VERSION__ fi if [ -z "${ZONE}" ] then ZONE="drop" fi if [ -z "$1" ] then firewall_cmds create-ipset firewall_cmds add-source else firewall_cmds "$1" fi if [ -f "/etc/firewalld/ipsets/ipdeny_com_${VERSION}.xml.old" ] then rm "/etc/firewalld/ipsets/ipdeny_com_${VERSION}.xml.old" fi
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor