mirror of
https://github.com/ChrisTitusTech/linutil.git
synced 2024-11-05 13:15:21 +00:00
commit
d632edcf02
|
@ -1,11 +1,13 @@
|
|||
#!/bin/sh -e
|
||||
|
||||
. ./common-script.sh
|
||||
|
||||
installPkg() {
|
||||
echo "Install UFW if not already installed..."
|
||||
if ! command_exists ufw; then
|
||||
case ${PACKAGER} in
|
||||
pacman)
|
||||
sudo "${PACKAGER}" -S --noconfirm ufw
|
||||
sudo "${PACKAGER}" -Sy --noconfirm ufw
|
||||
;;
|
||||
*)
|
||||
sudo "${PACKAGER}" install -y ufw
|
||||
|
@ -14,26 +16,33 @@ installPkg() {
|
|||
else
|
||||
echo "UFW is already installed."
|
||||
fi
|
||||
}
|
||||
|
||||
configureUFW() {
|
||||
echo -e "${GREEN}Using Chris Titus Recommended Firewall Rules${RC}"
|
||||
sudo ufw limit 22/tcp
|
||||
|
||||
echo "Disabling UFW"
|
||||
sudo ufw disable
|
||||
|
||||
echo "Limiting port 22/tcp (UFW)"
|
||||
sudo ufw limit 22/tcp
|
||||
|
||||
sudo ufw allow 80/tcp
|
||||
echo "Allowing port 80/tcp (UFW)"
|
||||
sudo ufw allow 80/tcp
|
||||
|
||||
sudo ufw allow 443/tcp
|
||||
echo "Allowing port 443/tcp (UFW)"
|
||||
sudo ufw allow 443/tcp
|
||||
|
||||
sudo ufw default deny incoming
|
||||
echo "Denying Incoming Packets by Default(UFW)"
|
||||
sudo ufw default deny incoming
|
||||
|
||||
sudo ufw default allow outgoing
|
||||
echo "Allowing Outcoming Packets by Default(UFW)"
|
||||
sudo ufw default allow outgoing
|
||||
|
||||
sudo ufw enable
|
||||
echo -e "${GREEN}Enabled Firewall with Baselines!${RC}"
|
||||
|
||||
}
|
||||
|
||||
checkEnv
|
||||
installPkg
|
||||
configureUFW
|
||||
|
|
Loading…
Reference in New Issue
Block a user