mirror of
https://github.com/ChrisTitusTech/linutil.git
synced 2024-12-25 12:59:45 +00:00
Merge pull request #94 from infstate/new-features-2
Added Security Folder
This commit is contained in:
commit
b7c3123250
39
src/commands/security/firewall-baselines.sh
Normal file
39
src/commands/security/firewall-baselines.sh
Normal file
|
@ -0,0 +1,39 @@
|
|||
#!/bin/sh -e
|
||||
|
||||
installPkg() {
|
||||
echo "Install UFW if not already installed..."
|
||||
if ! command_exists ufw; then
|
||||
case ${PACKAGER} in
|
||||
pacman)
|
||||
sudo "${PACKAGER}" -S --noconfirm ufw
|
||||
;;
|
||||
*)
|
||||
sudo "${PACKAGER}" install -y ufw
|
||||
;;
|
||||
esac
|
||||
else
|
||||
echo "UFW is already installed."
|
||||
fi
|
||||
echo -e "${GREEN}Using Chris Titus Recommended Firewall Rules${RC}"
|
||||
sudo ufw limit 22/tcp
|
||||
echo "Limiting port 22/tcp (UFW)"
|
||||
|
||||
sudo ufw allow 80/tcp
|
||||
echo "Allowing port 80/tcp (UFW)"
|
||||
|
||||
sudo ufw allow 443/tcp
|
||||
echo "Allowing port 443/tcp (UFW)"
|
||||
|
||||
sudo ufw default deny incoming
|
||||
echo "Denying Incoming Packets by Default(UFW)"
|
||||
|
||||
sudo ufw default allow outgoing
|
||||
echo "Allowing Outcoming Packets by Default(UFW)"
|
||||
|
||||
sudo ufw enable
|
||||
echo -e "${GREEN}Enabled Firewall with Baselines!${RC}"
|
||||
|
||||
}
|
||||
|
||||
checkEnv
|
||||
installPkg
|
|
@ -82,6 +82,15 @@ impl CustomList {
|
|||
command: Command::LocalFile("system-setup/3-global-theme.sh"),
|
||||
},
|
||||
},
|
||||
ListNode {
|
||||
name: "Security",
|
||||
command: ""
|
||||
} => {
|
||||
ListNode {
|
||||
name: "Firewall Baselines (CTT)",
|
||||
command: with_common_script!("commands/security/firewall-baselines.sh"),
|
||||
}
|
||||
},
|
||||
ListNode {
|
||||
name: "Titus Dotfiles",
|
||||
command: Command::None
|
||||
|
|
Loading…
Reference in New Issue
Block a user