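###############################################################
# iptables chain names
###############################################################
IT_INPUT=INPUT
IT_INPUT_LOG=LOGINPUT
IT_OUTPUT=OUTPUT
IT_OUTPUT_LOG=LOGOUTPUT
IT_POSTROUTING=POSTROUTING
IT_PREROUTING=PREROUTING

# Pin PATH to the system directories so the ps/lsof/iptables invocations
# below resolve to system binaries rather than whatever the caller's PATH
# puts first.
PATH=/bin:/sbin:/usr/bin:/usr/sbin

# Default network interface
NETWORK_IF=eth0

# Services that the system will offer to the network
TCP_SERVICES="22" # SSH only
UDP_SERVICES=""

# Services the system will use from the network
REMOTE_TCP_SERVICES="80 443" # web browsing
REMOTE_UDP_SERVICES="53" # DNS

# Port used for the SSH service. Define this if you have set up a
# management network, and then remove the port from TCP_SERVICES so it is
# not also offered on every interface.
SSH_PORT="22"

###############################################################
# Default IP_TABLES command path
###############################################################
IP_TABLES="/sbin/iptables"
IP_TABLES_RESTORE="/sbin/iptables-restore"
IP_TABLES_RESTORE_6="/sbin/ip6tables-restore"
IP_TABLES_SAVE="/sbin/iptables-save"
IP_TABLES_SAVE_6="/sbin/ip6tables-save"

###############################################################
# File and folder paths
###############################################################
# CONFIGURATION_DIR is not defined in this file; it must already be set
# when this file is sourced, otherwise these paths resolve to "/...".
CONFIGURATION_FILE=${CONFIGURATION_DIR}/lfirewall.conf
CONFIGURATION_LOCAL_FILE=${CONFIGURATION_DIR}/lfirewall.conf.local
USER_RULES_IPTABLES=${CONFIGURATION_DIR}/iptables-user.v4
USER_RULES_IPTABLES_6=${CONFIGURATION_DIR}/iptables-user.v6

###############################################################
###############################################################
# Utility functions definition
###############################################################

#######################################
# Walk the parent chain of a process looking for a given ancestor PID.
# Arguments:
#   $1 - PID of the ancestor to search for (required)
#   $2 - PID to start from (defaults to the current shell, $$)
# Outputs (stdout, exactly one token):
#   the searched PID  - found: $2 itself or one of its ancestors
#   1                 - the chain reached PID 1 without a match
#   -1                - a process reported itself as its own parent
#   -2                - ps returned no parent for a PID (gone, or out of range)
# Returns:
#   5 when $1 is missing; 0 only when $2 itself is the searched PID;
#   1 in every other case, including a match found higher up the chain
#   (the recursive call's status is not propagated). Callers must read
#   stdout, not the exit status. This is kept as-is for compatibility.
#######################################
has_parent_process(){
  local parent_to_search
  local ppid
  local pid
  parent_to_search="${1:-}"
  if [ -z "${parent_to_search:-}" ]
  then
    echo "ERROR: need parent process pid as first arg" >&2
    return 5
  fi
  pid="${2:-}"
  if [ -z "${pid:-}" ]
  then
    pid=$$
  fi
  # Quoted so an empty or odd value fails the comparison instead of
  # producing a '[' syntax error.
  if [ "$parent_to_search" = "$pid" ]
  then
    echo "${parent_to_search}"
    return 0
  else
    if [ "$pid" -gt 1 ]
    then
      # xargs strips the blank padding ps puts in front of the column.
      ppid=$(ps --pid "${pid}" -o ppid= | xargs) || echo "OUT OF RANGE PID=${pid}" >&2
      if [ -n "$ppid" ]
      then
        if [ "$ppid" = "$pid" ]
        then
          #echo "ERROR: pid=$pid is the same as ppid=$ppid" >&2
          echo -1
        else
          has_parent_process "${parent_to_search}" "${ppid}"
        fi
      else
        #echo "ERROR: pid='$pid' has ppid='$ppid'" >&2
        echo -2
      fi
    else
      #echo "NOT FOUND: ${parent_to_search}" >&2
      echo 1
    fi
  fi
  return 1
}

#######################################
# Print the PIDs of the processes that hold a file open and whose COMMAND
# column matches an awk regular expression (each PID once, in lsof order).
# Arguments:
#   $1 - file to look up with lsof
#   $2 - awk regular expression matched against the COMMAND column
# Outputs: one PID per line on stdout
#######################################
find_pid_user_of(){
  local used_file="$1"
  local regex="$2"
  # The pattern is passed with -v instead of being spliced into the awk
  # program text: a value containing "/" or a quote would otherwise be
  # parsed as awk code (an injection if the pattern ever stops being a
  # literal in this file). The file name is quoted so a "?" TTY name
  # coming from ps cannot be expanded as a glob.
  lsof "${used_file}" | awk -v re="${regex}" 'NR>1 && $1 ~ re && !($2 in a){a[$2]++; print $2}'
}

#######################################
# For each terminal that has a systemctl process on it, print the PID(s)
# of the shell on that terminal followed by the systemctl PID(s).
# Outputs: one "<shell_pid> <systemctl_pid>" line per terminal on stdout
# NOTE(review): shell_pid and systemctl_pid are only computed for the
#   first terminal and then reused for every later one (the -z guards
#   never re-run the lookup) - confirm that this is intended.
#######################################
find_systemctl_pids(){
  local shell_pid
  local systemctl_pid
  local term
  # '[s]ystemctl' matches "systemctl" but not the grep command line
  # itself, which removes the need for a 'grep -v grep' stage.
  # Column 13 of 'ps -elf' is the TTY.
  ps -elf | grep '[s]ystemctl' | awk '{print $13}' | sort -u | while read -r term
  do
    # A systemctl without a controlling terminal is listed as "?"; there
    # is no /dev/? to inspect, so skip it rather than hand lsof a glob.
    if [ "${term}" = "?" ]
    then
      continue
    fi
    if [ -z "${shell_pid:-}" ]
    then
      shell_pid=$(find_pid_user_of "/dev/${term}" '.*sh$')
    fi
    if [ -z "${systemctl_pid:-}" ]
    then
      systemctl_pid=$(find_pid_user_of "/dev/${term}" 'systemctl')
    fi
    # Left unquoted on purpose: a multi-line PID list from
    # find_pid_user_of is flattened onto the single output line.
    echo ${shell_pid} ${systemctl_pid}
  done
}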