Startsida Utforska Hjälp
Logga in
Troglodyne
/
tCMS
2
0
Fork 0
Filer Ärenden 0 Pull-förfrågningar 0 Wiki
Gren: master
Grenar Taggar
tCMS
/
ufw
/
setup-rules

setup-rules 767 B
Permalänk Historik

1234567891011121314151617181920212223242526272829303132333435363738394041 
  1. #!/usr/bin/env perl
    2. 

  2. 

  3. use strict;
    4. 

  4. use warnings;
    5. 

  5. 

  6. use Data::Dumper;
    7. 

  7. 

  8. my $DRY_RUN = $ARGV[0] ? 1 : 0;
    9. 

  9. 

  10. # Build rules, apply rules.
    11. 

  11. 

  12. # Enable every available service.
    13. 

  13. # Don't use tCMS on hosts that do anything else with.
    14. 

  14. my $list = qx{ufw app list};
    15. 

  15. my @apps = split(/\n/, $list);
    16. 

  16. shift @apps;
    17. 

  17. @apps = map { s/^\s+//; $_ } @apps;
    18. 

  18. 

  19. # Sane defaults
    20. 

  20. my @rules = (
    21. 

  21.     [qw{enable}],
    22. 

  22.     [qw{default deny outgoing}],
    23. 

  23.     [qw{default deny incoming}],
    24. 

  24. );
    25. 

  25. 

  26. # Allow, but rate limit
    27. 

  27. foreach my $app (@apps) {
    28. 

  28.     push(@rules,
    29. 

  29.         ["allow", $app],
    30. 

  30.         ["limit", $app],
    31. 

  31.     );
    32. 

  32. }
    33. 

  33. 

  34. @rules = map { unshift(@{$_}, '--dry-run'); $_ } @rules if $DRY_RUN;
    35. 

  35. @rules = map { unshift(@{$_}, 'ufw'); $_ } @rules;
    36. 

  36. 

  37. print Dumper(\@rules);
    38. 

  38. 

  39. foreach my $rule (@rules) {
    40. 

  40.     system(@$rule);
    41. 

  41. }
    42.