From 29e257bf41f34dc25c53defc6bfff163f190de63 Mon Sep 17 00:00:00 2001
From: infstate
Date: Tue, 30 Jul 2024 12:01:13 -0700
Subject: [PATCH] Added Security Folder
---
 src/commands/security/firewall-baselines.sh | 39 +++++++++++++++++++++
 src/list.rs | 9 +++++
 2 files changed, 48 insertions(+)
 create mode 100644 src/commands/security/firewall-baselines.sh
diff --git a/src/commands/security/firewall-baselines.sh b/src/commands/security/firewall-baselines.sh
new file mode 100644
index 00000000..b6153065
--- /dev/null
+++ b/src/commands/security/firewall-baselines.sh
@@ -0,0 +1,39 @@
+#!/bin/sh -e
+
+installPkg() {
+ echo "Install UFW if not already installed..."
+ if ! command_exists ufw; then
+ case ${PACKAGER} in
+ pacman)
+ sudo "${PACKAGER}" -S --noconfirm ufw
+ ;;
+ *)
+ sudo "${PACKAGER}" install -y ufw
+ ;;
+ esac
+ else
+ echo "UFW is already installed."
+ fi
+ echo -e "${GREEN}Using Chris Titus Recommended Firewall Rules${RC}"
+ sudo ufw limit 22/tcp
+ echo "Limiting port 22/tcp (UFW)"
+
+ sudo ufw allow 80/tcp
+ echo "Allowing port 80/tcp (UFW)"
+
+ sudo ufw allow 443/tcp
+ echo "Allowing port 443/tcp (UFW)"
+
+ sudo ufw default deny incoming
+ echo "Denying Incoming Packets by Default(UFW)"
+
+ sudo ufw default allow outgoing
+ echo "Allowing Outcoming Packets by Default(UFW)"
+
+ sudo ufw enable
+ echo -e "${GREEN}Enabled Firewall with Baselines!${RC}"
+
+}
+
+checkEnv
+installPkg
diff --git a/src/list.rs b/src/list.rs
index b564bdea..83d451cb 100644
--- a/src/list.rs
+++ b/src/list.rs
@@ -99,6 +99,15 @@ impl CustomList {
 command: "cargo run"
 }
 },
+ ListNode {
+ name: "Security",
+ command: ""
+ } => {
+ ListNode {
+ name: "Firewall Baselines (CTT)",
+ command: with_common_script!("commands/security/firewall-baselines.sh"),
+ }
+ },
 ListNode {
 name: "Titus Dotfiles",
 command: ""
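Review bot: The baseline in `installPkg` opens 80/tcp and 443/tcp inbound on every host, which widens the exposed surface on machines that run no web server; a deny-by-default baseline would normally leave `sudo ufw allow 80/tcp` and `sudo ufw allow 443/tcp` out, or add them only when the user opts in. The SSH rule is likewise pinned to `22/tcp`, so a host whose sshd listens on another port would lose remote access once `ufw enable` applies the default-deny policy; a comment such as `# assumes sshd listens on 22/tcp; adjust before enabling on a remote host` above the `ufw limit` line would make that assumption visible. Separately, the script declares `#!/bin/sh -e` but both coloured messages use `echo -e`, which is not POSIX and prints a literal `-e` under shells such as dash; assuming `GREEN` and `RC` hold escape sequences, `printf '%b\n' "${GREEN}Enabled Firewall with Baselines!${RC}"` is the portable form.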