first version

3 days ago · 1f12281be5
parent 4ff60a0c17
commit 1f12281be5
2 changed files with 58 additions and 0 deletions
--- a/paranoic.sh
+++ b/paranoic.sh
@ -0,0 +1,54 @@
+#!/bin/bash
+# Script para bloquear todo por defecto y solamente permitir el acceso de la white.list
+# Dependencias: ufw
+# fanta <fanta@56k.es>
+
+nic="wlo1"
+user=$(whoami)
+opt="$1"
+version="0.1"
+
+function who {
+  if [ "$(whoami)" != "root" ]; then echo "please run paranoic with the user root"; exit; fi
+}
+
+function disable {
+  ufw disable
+}
+
+function enable {
+  ufw default deny outgoing
+  ufw default deny incoming
+
+  while read data
+  do
+    ip=$(echo $data | cut -d ";" -f 1)
+    comment=$(echo $data | cut -d ";" -f 2)
+    ufw allow out on $nic from any to $ip comment "$comment"
+  done < white.list
+
+  ufw enable
+  ufw status numbered
+}
+
+
+function help {
+  echo -e "paranoic $version - fanta <fanta@56k.es>\n"
+  echo -e "-d disable"
+  echo -e "-e enable"
+  echo -e "-h Show this help\n"
+}
+
+function checkOpt {
+  if [ -z "$opt" ]; then help; fi
+  if [ "$opt" = "-h" ]; then help; fi
+  if [ "$opt" = "-d" ]; then disable; fi
+  if [ "$opt" = "-e" ]; then enable; fi
+}
+
+function main() {
+  who
+  checkOpt
+}
+
+main
--- a/white.list
+++ b/white.list
@ -0,0 +1,4 @@
+192.168.1.1;Router
+217.76.139.178;56k server
+168.119.140.111;Mastodon.green server
+185.70.42.37;mail.proton.me server