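#!/bin/bash
#
# Script by Amalie
# Do not edit
# This file requires root
#
# Interactive helper: prints the listening sockets and the current iptables
# rules, then asks whether to add or drop an ACCEPT rule for one TCP or UDP
# port in the chains named TCP and UDP. After a successful change the rule
# sets are saved to /etc/iptables/rules.v4 and /etc/iptables/rules.v6 and the
# applied command line is appended to /root/changeiptables-DONOTTOUCH.sh.
#
# Exit status: 1 when the script is not run as root, when iptables rejects
# the change, or when a persistence step fails. Cancelling or giving an
# answer that is rejected ends the script without touching the firewall.

ERROR=0
CMD=""
MESSAGE=""
RULE=()   # the iptables invocation as an argument vector
flag=""
verb=""
chain=""

echo ""
echo "-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= Ports listening (netstat -plnt) v"
sudo netstat -plnt
echo ""
echo "-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= Ports forwarded (iptables -L -n) v"
sudo iptables -L -n
echo ""
echo "-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= Modify ports below:"
echo "Script for adding or removing ports in Iptables:"
echo ""
echo "Type 'add' or 'drop' or 'cancel':"
read -r addordrop
echo ""

case "$addordrop" in
  add | drop)
    echo "type 'tcp' or 'udp':"
    read -r tcporudp
    echo ""
    echo "Enter port number:"
    read -r portnumber
    echo ""

    # Accept only 1-5 decimal digits. The value ends up in a command line
    # that is run as root and also appended to a script under /root, so
    # nothing but a plain number may get through. 10# forces base 10 so a
    # leading zero is not read as octal.
    if [[ "$portnumber" =~ ^[0-9]{1,5}$ ]] && (( 10#$portnumber <= 65535 )); then
      portnumber=$(( 10#$portnumber ))

      if [ "$addordrop" == "add" ]; then
        flag="-A"
        verb="Added"
      else
        flag="-D"
        verb="Dropped"
      fi

      case "$tcporudp" in
        tcp) chain="TCP" ;;
        udp) chain="UDP" ;;
        *)
          echo "Error: Unknown parameter."
          ERROR=1
          ;;
      esac

      if [ "$ERROR" -eq 0 ]; then
        RULE=(iptables "$flag" "$chain" -p "$tcporudp" --dport "$portnumber" -j ACCEPT)
        CMD="${RULE[*]}"
        MESSAGE="$verb $chain port $portnumber"
      fi
    else
      echo "Error: Port out of range."
      ERROR=1
    fi
    ;;
  cancel)
    echo "Cancelling script..."
    ERROR=1
    ;;
  *)
    echo "Error: Unknown parameter."
    ERROR=1
    ;;
esac

if [ "$ERROR" -eq 0 ]; then
  # The listings above go through sudo, but the change and the files written
  # below do not, so refuse to continue unless the script itself is root.
  if [ "$EUID" -ne 0 ]; then
    echo "Error: This script must be run as root." >&2
    exit 1
  fi

  # Run the argument vector directly instead of eval on a string, so the
  # typed answers are never re-parsed by the shell.
  if ! "${RULE[@]}"; then
    echo "Error: iptables rejected the change; nothing was saved." >&2
    exit 1
  fi

  # Persist only after the running rule set really changed. Note that the
  # redirection truncates the target before the save command runs, so a
  # failure here can leave an empty rules file behind: check it by hand.
  if ! iptables-save > /etc/iptables/rules.v4; then
    echo "Error: Rule applied, but saving /etc/iptables/rules.v4 failed." >&2
    exit 1
  fi
  if ! ip6tables-save > /etc/iptables/rules.v6; then
    echo "Error: Rule applied, but saving /etc/iptables/rules.v6 failed." >&2
    exit 1
  fi

  # Record the exact command that was applied.
  # NOTE(review): this file is presumably replayed as root later; confirm it
  # is owned by root and not writable by anyone else.
  if ! printf '%s\n' "$CMD" >> /root/changeiptables-DONOTTOUCH.sh; then
    echo "Error: Rule applied and saved, but recording the command failed." >&2
    exit 1
  fi

  echo "Success: $MESSAGE."
fi
exit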