PWD: /www/data-lst1/unixsoft/unixsoft/kaempfer/.public_html
Running in File Mode
Relative path: ./../../../../.././../etc/ipf/./genipf
Real path: /etc/ipf/genipf
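#!/bin/sh
#
# genipf
# Jan-Peter Bell
#
# Version: 1.4.20
# Monday, 30 June 2014, 15:51:30 CEST
#
# Build and load the additional IPF rules needed for NFS.
#
# The script waits for the RPC/NFS SMF services to come online, writes a
# rule file to $IPFADD (one pass rule pair per port registered with
# rpcbind, plus a fixed set of pass/block rules) and loads that file with
# ipf -f. The exit status is the one returned by ipf.
#
# Kept compatible with a plain Bourne /bin/sh: backticks and expr are used
# on purpose, and no "local" is used inside functions.
#
IPFADD=/etc/ipf/ipf.conf.add
#
GAWK=/usr/bin/gawk
if [ ! -x "$GAWK" ] ; then
	GAWK=/opt/csw/bin/gawk
fi

# The generated file is fed straight into the packet filter, so it must
# never be created group- or world-writable.
umask 022

# svc_state_count SERVICE WORD
# Print the number of lines in the `svcs -p SERVICE` output that contain
# WORD. grep -c prints a bare number, so the result is safe to quote in
# numeric tests.
svc_state_count() {
	/usr/bin/svcs -p "$1" | /usr/bin/grep -c "$2"
}

# gen_rules
# Write the complete rule set to stdout. Reads NORPC and GAWK.
gen_rules() {
	echo "#"
	echo "# erzeugt von /etc/ipf/genipf am: `/usr/bin/date`"

	if [ "$NORPC" -ne 1 ] ; then
		echo "#"
		echo "pass in quick proto 6 from pool/2 to pool/3 port = 111 keep state"
		echo "pass in quick proto 17 from pool/2 to pool/3 port = 111 keep state"
		echo "pass in quick proto 6 from pool/100 port = 2049 to pool/1 port 0 >< 1024 keep state"
		echo "pass in quick proto 17 from pool/100 port = 2049 to pool/1 port 0 >< 1024 keep state"

		# Take one snapshot of the rpcbind registrations so that the port
		# list and the descriptive comments come from the same data.
		# Every port registered with rpcbind at this moment gets a pass
		# rule pair below; registrations made later are not covered, and
		# anything able to register with rpcbind influences the rule set.
		RPCLIST=`/usr/bin/rpcinfo -p`
		PORTS=`echo "$RPCLIST" | "$GAWK" '$0 !~ "program" { print $4; }' | /usr/bin/sort -u`

		# Word splitting of $PORTS is intended: one port per word.
		for i in $PORTS
		do
			# Only plain decimal port numbers may reach the rule text;
			# anything else in the rpcinfo output is skipped rather than
			# written into a filter rule.
			case "$i" in
			''|*[!0-9]*) continue ;;
			esac

			# First registration for exactly this port, used as a
			# comment. An exact field comparison avoids annotating
			# port 111 with the line of, say, port 1111.
			DESC=`echo "$RPCLIST" | "$GAWK" -v p="$i" '$4 == p { print; exit }'`
			echo "# $DESC"
			echo "pass in quick proto 6 from pool/100 to pool/1 port = $i keep state"
			echo "pass in quick proto 17 from pool/100 to pool/1 port = $i keep state"
		done

		# NOTE(review): the rules below pass TCP segments purely by flag
		# combination, without keep state, several of them for packets
		# ipf tagged as out-of-window ("with oow"), and from/to "any".
		# Confirm that this breadth is intended.
		echo "pass in quick proto 6 from any to pool/1 flags A/SA"
		echo "pass in quick proto 6 from any to pool/1 flags AR"
		echo "pass in quick proto 6 from any to pool/1 flags A with oow"
		echo "pass in quick proto 6 from any to pool/1 flags AR with oow"
		echo "pass in quick proto 6 from any to pool/1 flags AF with oow"
		echo "pass in quick proto 6 from any to pool/1 flags AP with oow"
		echo "pass in quick proto 6 from any to pool/1 flags AS with oow"
		echo "pass in quick proto 6 from any to pool/1 flags AFP with oow"
		echo "pass in quick proto 6 from any to pool/1 flags AFR with oow"
		echo "pass out quick proto 6 from pool/1 to pool/100 flags A/SA"
		echo "pass out quick proto 6 from pool/1 to any flags R"
		echo "pass out quick proto 6 from pool/1 to any flags A with oow"
		echo "pass out quick proto 6 from pool/1 to any flags AR with oow"
		echo "pass out quick proto 6 from pool/1 to any flags AF with oow"
		echo "pass out quick proto 6 from pool/1 to any flags AP with oow"
		echo "pass out quick proto 6 from pool/1 to any flags AS with oow"
		echo "pass out quick proto 6 from pool/1 to any flags AFP with oow"
	fi

	echo "# "
	# Traffic that should not end up in the log is blocked here.
	echo "block in quick from any to pool/3"
	echo "block in quick from any to 255.255.255.255"
	echo "block in quick from 0.0.0.0 to any"
	echo "block in quick from 141.20.20.200 to any"
	echo "block in quick from 141.20.20.16 to any"
}

# Check whether RPC is enabled at all (1 = rpcbind is reported as disabled).
NORPC=`svc_state_count svc:/network/rpc/bind disable`
if [ "$NORPC" -ne 1 ] ; then
	# Wait until the enabled services are online.
	for SERVICE in svc:/network/rpc/bind \
		svc:/network/nfs/server:default \
		svc:/network/nfs/client:default
	do
		# Query the service state; a disabled service is not waited for.
		STAT=`svc_state_count "$SERVICE" disable`
		if [ "$STAT" -eq 1 ] ; then
			continue
		fi
		# Poll once per second, giving up after about 30 seconds so the
		# script cannot hang on a service that never comes up.
		SERV=`svc_state_count "$SERVICE" online`
		CNT=1
		while [ "$SERV" -ne 1 ] && [ "$CNT" -lt 30 ]
		do
			CNT=`expr $CNT + 1`
			/usr/bin/sleep 1
			SERV=`svc_state_count "$SERVICE" online`
		done
	done
fi

# Regenerate the rule file from scratch (the redirection truncates it).
gen_rules >"$IPFADD"
#
# Add the new rules to the packet filter.
/usr/sbin/ipf -f "$IPFADD"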