Merge pull request #94 from infstate/new-features-2

Added Security Folder
2024-11-05 13:15:21 +00:00 · 2024-07-30 15:40:01 -05:00 · 2024-07-30 15:40:01 -05:00 · b7c3123250
commit b7c3123250
parent b6ac4e70cb 29e257bf41
2 changed files with 48 additions and 0 deletions
--- a/src/commands/security/firewall-baselines.sh
+++ b/src/commands/security/firewall-baselines.sh
@ -0,0 +1,39 @@
+#!/bin/sh -e
+
+installPkg() {
+    echo "Install UFW if not already installed..."
+    if ! command_exists ufw; then
+        case ${PACKAGER} in
+            pacman)
+                sudo "${PACKAGER}" -S --noconfirm ufw
+                ;;
+            *)
+                sudo "${PACKAGER}" install -y ufw
+                ;;
+        esac
+    else
+        echo "UFW is already installed."
+    fi
+    echo -e "${GREEN}Using Chris Titus Recommended Firewall Rules${RC}"
+    sudo ufw limit 22/tcp
+    echo "Limiting port 22/tcp (UFW)"
+
+    sudo ufw allow 80/tcp
+    echo "Allowing port 80/tcp (UFW)"
+
+    sudo ufw allow 443/tcp
+    echo "Allowing port 443/tcp (UFW)"
+
+    sudo ufw default deny incoming
+    echo "Denying Incoming Packets by Default(UFW)"
+
+    sudo ufw default allow outgoing
+    echo "Allowing Outcoming Packets by Default(UFW)"
+
+    sudo ufw enable
+    echo -e "${GREEN}Enabled Firewall with Baselines!${RC}"
+
+}
+
+checkEnv
+installPkg
--- a/src/list.rs
+++ b/src/list.rs
@ -82,6 +82,15 @@ impl CustomList {
                    command: Command::LocalFile("system-setup/3-global-theme.sh"),
                },
            },
+            ListNode {
+                name: "Security",
+                command: ""
+            } => {
+                ListNode {
+                    name: "Firewall Baselines (CTT)",
+                    command: with_common_script!("commands/security/firewall-baselines.sh"),
+                }
+            },
            ListNode {
                name: "Titus Dotfiles",
                command: Command::None