#!/bin/bash
# Script para bloquear todo por defecto y solamente permitir el acceso de la white.list
# Dependencias: ufw
# fanta <fanta@56k.es>

nic="wlo1"
user=$(whoami)
opt="$1"
version="0.1"

function who {
  if [ "$(whoami)" != "root" ]; then echo "please run paranoic with the user root"; exit; fi
}

function disable {
  ufw disable
}

function enable {
  ufw default deny outgoing
  ufw default deny incoming

  while read data
  do
    ip=$(echo $data | cut -d ";" -f 1)
    comment=$(echo $data | cut -d ";" -f 2)
    ufw allow out on $nic from any to $ip comment "$comment"
  done < white.list

  ufw enable
  ufw status numbered
}


function help {
  echo -e "paranoic $version - fanta <fanta@56k.es>\n"
  echo -e "-d disable"
  echo -e "-e enable"
  echo -e "-h Show this help\n"
}

function checkOpt {
  if [ -z "$opt" ]; then help; fi
  if [ "$opt" = "-h" ]; then help; fi
  if [ "$opt" = "-d" ]; then disable; fi
  if [ "$opt" = "-e" ]; then enable; fi
}

function main() {
  who
  checkOpt
}

main