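#!/bin/bash
#
# Save, load, list and clear named iptables rule sets ("profiles").
#
# Profiles are stored as "<name>.rules" under
# ${XDG_CONFIG_HOME:-~/.config}/firewall.d; "default" in that directory is
# a symlink to the profile that was most recently loaded or saved by name.
#
# Security notes:
#   * Every command except help requires root, yet the profile directory is
#     derived from the environment (XDG_CONFIG_HOME / HOME). If the script is
#     run through sudo with the caller's environment preserved, that directory
#     may be writable by an unprivileged user: rule files in it are applied as
#     root, and saves follow symlinks found there. Keep the directory
#     root-owned and not group/world-writable when the script is delegated.
#   * Only IPv4 (iptables) is handled; ip6tables rules are never saved,
#     restored or cleared by this script.

CONFIGS=${XDG_CONFIG_HOME:-~/.config}
PROFILES=$CONFIGS/firewall.d
DEFAULT_PROFILE="$PROFILES/default"

# Print the help text.
# NOTE(review): the original here-doc opener and first line were garbled;
# the "Usage:" line is a reconstruction, the command list is original.
usage() {
  cat <<EOF
Usage: ${0##*/} <command> [profile]
Commands:
  - load
  - save
  - list
  - clear
EOF
}

# Return 0 if $1 is acceptable as a profile name, 1 otherwise.
# An empty name is allowed and means "the default profile". A name with a
# slash is refused so it cannot address a file outside $PROFILES (the script
# reads and writes the resulting path as root).
valid_profile_name() {
  case $1 in
    */*) return 1 ;;
  esac
  return 0
}

# Print the rules-file path for profile $1, or the default symlink path
# when $1 is empty.
get_profile_path() {
  local profile=$1
  if [[ -z "$profile" ]]; then
    printf '%s\n' "$DEFAULT_PROFILE"
  else
    printf '%s\n' "$PROFILES/${profile}.rules"
  fi
}

# Point the "default" symlink at profile $1. Does nothing for an empty name.
set_default_profile() {
  local profile=$1 profile_path
  [[ -n "$profile" ]] || return 0
  profile_path=$(get_profile_path "$profile")
  # -n: replace the link itself even if it currently resolves to a directory.
  ln -sfn -- "$profile_path" "$DEFAULT_PROFILE"
}

# Apply profile $1 with iptables-restore.
# Returns 1 if the rules file is missing, otherwise iptables-restore's status.
load_profile() {
  local profile=$1 profile_path
  profile_path=$(get_profile_path "$profile")
  [[ -f "$profile_path" ]] || return 1
  # Parse the whole file first so a malformed profile is rejected before
  # any table is committed.
  iptables-restore --test < "$profile_path" || return
  iptables-restore < "$profile_path"
}

# Write the current rules to profile $1.
# The dump is captured before the target is opened, so a failing
# iptables-save no longer truncates an existing profile.
save_profile() {
  local profile=$1 profile_path rules
  profile_path=$(get_profile_path "$profile")
  rules=$(iptables-save) || return
  # The redirection follows symlinks (this is how saving to "default"
  # updates the profile it points at); see the header note on directory
  # ownership.
  printf '%s\n' "$rules" > "$profile_path"
}

# "load" command: apply profile $1 and make it the default.
do_load() {
  local profile=$1
  if ! valid_profile_name "$profile"; then
    echo "Invalid profile name: $profile" >&2
    return 1
  fi
  if load_profile "$profile"; then
    echo "Profile ${profile:-default} loaded successfully."
    set_default_profile "$profile"
  else
    echo "Loading profile ${profile:-default} failed." >&2
    return 1
  fi
}

# "save" command: store the current rules as profile $1 and make it the
# default.
do_save() {
  local profile=$1
  if ! valid_profile_name "$profile"; then
    echo "Invalid profile name: $profile" >&2
    return 1
  fi
  if save_profile "$profile"; then
    echo "Profile ${profile:-default} saved successfully."
    set_default_profile "$profile"
  else
    echo "Saving profile ${profile:-default} failed." >&2
    return 1
  fi
}

# "list" command: print the names of all stored profiles.
do_list() {
  local file name
  echo "List of profiles:"
  # Glob instead of parsing ls; the old regex '.rules$' also left the dot
  # unescaped and so matched any character before "rules".
  for file in "$PROFILES"/*.rules; do
    [[ -e "$file" || -L "$file" ]] || continue
    name=${file##*/}
    printf '%s\n' "${name%.rules}"
  done
}

# "clear" command: flush all rules, delete user-defined chains and set the
# built-in chain policies to ACCEPT.
# iptables is called without -t, so only the filter table is affected, and
# afterwards the host filters no IPv4 traffic at all.
do_clear() {
  local rc=0
  iptables -F || rc=1
  iptables -X || rc=1
  iptables -P INPUT ACCEPT || rc=1
  iptables -P OUTPUT ACCEPT || rc=1
  iptables -P FORWARD ACCEPT || rc=1
  if (( rc == 0 )); then
    echo "Clearing iptables succeeded."
  else
    echo "Clearing iptables failed." >&2
  fi
  return "$rc"
}

# Entry point: show help, enforce root, then dispatch the command in $1.
main() {
  local cmd=$1

  if [[ "$cmd" == "-h" || "$cmd" == "help" ]]; then
    usage
    exit
  fi

  if (( UID != 0 )); then
    echo "You have to be root." >&2
    exit 1
  fi

  # Created only after the root check, so help and refused runs leave no
  # directory behind.
  if [[ ! -d "$PROFILES" ]] && ! mkdir -p -- "$PROFILES"; then
    echo "Cannot create $PROFILES." >&2
    exit 1
  fi

  case $cmd in
    load) do_load "$2" ;;
    save) do_save "$2" ;;
    list) do_list ;;
    clear) do_clear ;;
    *)
      echo "Unknown command $1. try help" >&2
      exit 1
      ;;
  esac
}

main "$@"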