Trang chủ Khám phá Trợ giúp
Đăng nhập
fusionpbx
/
fusionpbx-install.sh
mirror of https://github.com/fusionpbx/fusionpbx-install.sh.git
2
0
Fork 0
Các tập tin Các vấn đề 0 Wiki
Tree: 8d7ee0fd50
Branches Tags
fusionpbx-insta...
/
centos
/
resources
/
firewalld.sh

firewalld.sh 2.3 KB
Lịch sử Raw

12345678910111213141516171819202122232425262728293031323334353637 
  1. #!/bin/sh
    2. 

  2. 

  3. #move to script directory so all relative paths work
    4. 

  4. cd "$(dirname "$0")"
    5. 

  5. 

  6. #includes
    7. 

  7. . ./config.sh
    8. 

  8. . ./colors.sh
    9. 

  9. 

  10. #send a message
    11. 

  11. verbose "Configuring FirewallD"
    12. 

  12. #ssh should be on by default
    13. 

  13. 

  14. #configure the firewall
    15. 

  15. firewall-cmd --permanent --zone=public --add-service={http,https}
    16. 

  16. firewall-cmd --permanent --zone=public --add-port={5060,5061,5080,5081}/udp
    17. 

  17. firewall-cmd --permanent --zone=public --add-port={5060,5061,5080,5081}/tcp
    18. 

  18. firewall-cmd --permanent --zone=public --add-port=16384-32768/udp
    19. 

  19. 

  20. firewall-cmd --permanent --direct --add-rule ipv4 filter INPUT 0 -p udp --dport 5060:5061 -m string --string "friendly-scanner" --algo bm -j DROP
    21. 

  21. firewall-cmd --permanent --direct --add-rule ipv4 filter INPUT 0 -p udp --dport 5060:5061 -m string --string "sipcli/" --algo bm -j DROP
    22. 

  22. firewall-cmd --permanent --direct --add-rule ipv4 filter INPUT 0 -p udp --dport 5060:5061 -m string --string "VaxSIPUserAgent/" --algo bm -j DROP
    23. 

  23. firewall-cmd --permanent --direct --add-rule ipv4 filter INPUT 0 -p tcp --dport 5060:5061 -m string --string "friendly-scanner" --algo bm -j DROP
    24. 

  24. firewall-cmd --permanent --direct --add-rule ipv4 filter INPUT 0 -p tcp --dport 5060:5061 -m string --string "sipcli/" --algo bm -j DROP
    25. 

  25. firewall-cmd --permanent --direct --add-rule ipv4 filter INPUT 0 -p tcp --dport 5060:5061 -m string --string "VaxSIPUserAgent/" --algo bm -j DROP
    26. 

  26. firewall-cmd --permanent --direct --add-rule ipv4 filter INPUT 0 -p udp --dport 5080:5081 -m string --string "friendly-scanner" --algo bm -j DROP
    27. 

  27. firewall-cmd --permanent --direct --add-rule ipv4 filter INPUT 0 -p udp --dport 5080:5081 -m string --string "sipcli/" --algo bm -j DROP
    28. 

  28. firewall-cmd --permanent --direct --add-rule ipv4 filter INPUT 0 -p udp --dport 5080:5081 -m string --string "VaxSIPUserAgent/" --algo bm -j DROP
    29. 

  29. firewall-cmd --permanent --direct --add-rule ipv4 filter INPUT 0 -p tcp --dport 5080:5081 -m string --string "friendly-scanner" --algo bm -j DROP
    30. 

  30. firewall-cmd --permanent --direct --add-rule ipv4 filter INPUT 0 -p tcp --dport 5080:5081 -m string --string "sipcli/" --algo bm -j DROP
    31. 

  31. firewall-cmd --permanent --direct --add-rule ipv4 filter INPUT 0 -p tcp --dport 5080:5081 -m string --string "VaxSIPUserAgent/" --algo bm -j DROP
    32. 

  32. firewall-cmd --add-service openvpn
    33. 

  33. firewall-cmd --permanent --add-service openvpn
    34. 

  34. firewall-cmd --reload
    35. 

  35. 

  36. #send a message
    37. 

  37. verbose "FirewallD configured"
    38.