myvesta/bin/v-delete-firewall-chain
2016-06-09 16:55:35 +03:00

67 lines
1.7 KiB
Bash
Executable File

#!/bin/bash
# info: delete firewall chain
# options: CHAIN
#
# The function adds new rule to system firewall
#----------------------------------------------------------#
# Variable&Function #
#----------------------------------------------------------#
# Importing system variables
source /etc/profile
# Argument definition
chain=$(echo $1 | tr '[:lower:]' '[:upper:]')
# Defining absolute path to iptables
iptables="/sbin/iptables"
# Includes
source $VESTA/func/main.sh
source $VESTA/conf/vesta.conf
#----------------------------------------------------------#
# Verifications #
#----------------------------------------------------------#
check_args '1' "$#" 'CHAIN'
is_format_valid 'chain'
is_system_enabled "$FIREWALL_SYSTEM" 'FIREWALL_SYSTEM'
#----------------------------------------------------------#
# Action #
#----------------------------------------------------------#
# Deleting chain
chains=$VESTA/data/firewall/chains.conf
banlist=$VESTA/data/firewall/banlist.conf
chain_param=$(grep "CHAIN='$chain'" $chains 2>/dev/null)
if [ ! -z "$chain_param" ]; then
eval $chain_param
sed -i "/CHAIN='$chain'/d" $chains
sed -i "/CHAIN='$chain'/d" $banlist
$iptables -D INPUT -p $PROTOCOL \
--dport $PORT -j fail2ban-$CHAIN 2>/dev/null
fi
# Deleting iptables chain
$iptables -F fail2ban-$CHAIN 2>/dev/null
$iptables -X fail2ban-$CHAIN 2>/dev/null
# Changing permissions
chmod 660 $chains
#----------------------------------------------------------#
# Vesta #
#----------------------------------------------------------#
# Logging
log_event "$OK" "$ARGUMENTS"
exit