From 1f12281be5c191a4e1572ec78cfa4d3f3782490b Mon Sep 17 00:00:00 2001
From: fanta
Date: Wed, 14 May 2025 19:38:19 +0200
Subject: [PATCH] first version
---
paranoic.sh | 54 +++++++++++++++++++++++++++++++++++++++++++++++++++++
white.list | 4 ++++
2 files changed, 58 insertions(+)
create mode 100644 paranoic.sh
create mode 100644 white.list
diff --git a/paranoic.sh b/paranoic.sh
new file mode 100644
index 0000000..6c06ba0
--- /dev/null
+++ b/paranoic.sh
@@ -0,0 +1,54 @@
+#!/bin/bash
+# Script para bloquear todo por defecto y solamente permitir el acceso de la white.list
+# Dependencias: ufw
+# fanta
+
+nic="wlo1"
+user=$(whoami)
+opt="$1"
+version="0.1"
+
+function who {
+ if [ "$(whoami)" != "root" ]; then echo "please run paranoic with the user root"; exit; fi
+}
+
+function disable {
+ ufw disable
+}
+
+function enable {
+ ufw default deny outgoing
+ ufw default deny incoming
+
+ while read data
+ do
+ ip=$(echo $data | cut -d ";" -f 1)
+ comment=$(echo $data | cut -d ";" -f 2)
+ ufw allow out on $nic from any to $ip comment "$comment"
+ done < white.list
+
+ ufw enable
+ ufw status numbered
+}
+
+
+function help {
+ echo -e "paranoic $version - fanta \n"
+ echo -e "-d disable"
+ echo -e "-e enable"
+ echo -e "-h Show this help\n"
+}
+
+function checkOpt {
+ if [ -z "$opt" ]; then help; fi
+ if [ "$opt" = "-h" ]; then help; fi
+ if [ "$opt" = "-d" ]; then disable; fi
+ if [ "$opt" = "-e" ]; then enable; fi
+}
+
+function main() {
+ who
+ checkOpt
+}
+
+main
diff --git a/white.list b/white.list
new file mode 100644
index 0000000..5718df4
--- /dev/null
+++ b/white.list
@@ -0,0 +1,4 @@
+192.168.1.1;Router
+217.76.139.178;56k server
+168.119.140.111;Mastodon.green server
+185.70.42.37;mail.proton.me server
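Review bot: In `enable`, every line of `white.list` is handed to `ufw allow out` as root without validation: `$data`, `$ip` and `$nic` are unquoted and `read` runs without `-r`, so an entry containing spaces, or a destination such as `any`, produces a rule wider than a single host. The list is also opened relative to the current working directory, so which rules get applied depends on where the script is started, and a last line without a trailing newline is silently dropped by the `while read` loop. I would resolve the file next to the script, split on `;` with `read` itself, and skip anything that is not an IPv4 address or CIDR, as in the block below. Separately, rules are only ever added, so an entry removed from white.list stays allowed until ufw is reset; and `who` exits with status 0 when not run as root, which hides the failure from callers.

```shell
function enable {
  local list ip comment
  # Resolve the allowlist next to the script, not in the caller's cwd.
  list="$(dirname -- "$(readlink -f -- "${BASH_SOURCE[0]}")")/white.list"
  [ -r "$list" ] || { echo "cannot read $list" >&2; exit 1; }

  # … unchanged: ufw default deny outgoing / incoming …

  while IFS=';' read -r ip comment || [ -n "$ip" ]; do
    # Accept only a dotted-quad IPv4 address with an optional /prefix.
    if [[ ! "$ip" =~ ^[0-9]{1,3}(\.[0-9]{1,3}){3}(/[0-9]{1,2})?$ ]]; then
      echo "skipping invalid entry: $ip" >&2
      continue
    fi
    ufw allow out on "$nic" from any to "$ip" comment "$comment"
  done < "$list"

  # … unchanged: ufw enable, ufw status numbered …
}
```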