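IPprefix_by_netmask() {
  # Print the route contained in $1 in CIDR form: "<network>/<prefix-length>".
  #
  # Arguments:
  #   $1 - a line such as: push "route 192.168.1.1 255.255.255.255"
  #        (whitespace-separated field 3 is the network address, field 4 the
  #        dotted netmask, optionally followed by a closing double quote).
  # Outputs:
  #   stdout - "<field 3>/<prefix>" when the prefix length is greater than 0;
  #            nothing when the netmask is missing, 0.0.0.0 or invalid.
  #   stderr - a one-line diagnostic when a netmask is present but invalid.
  #
  # The netmask is validated instead of being fed through log(): an octet
  # outside 0..255 or a non-contiguous mask (e.g. 255.0.255.0) would otherwise
  # yield a prefix such as "inf", "nan" or a misleading bit count, and this
  # value is meant to end up in firewall rules.
  printf '%s\n' "$1" | awk '
    BEGIN {
      # Octet values a contiguous netmask may contain; the position in this
      # list minus one is the number of prefix bits the octet contributes.
      split("0 128 192 224 240 248 252 254 255", mask_octets, " ")
      for (b = 1; b <= 9; b++) {
        bits_for[mask_octets[b]] = b - 1
      }
    }
    {
      netmask = $4
      # Strip the closing double quote only when it is really present, so an
      # unquoted netmask does not lose its last digit.
      sub(/"$/, "", netmask)
      if (netmask == "") {
        next
      }

      count = split(netmask, octets, ".")
      valid = (count == 4)
      prefix = 0
      host_bits_seen = 0
      for (i = 1; valid && i <= 4; i++) {
        octet = octets[i]
        if (octet !~ /^[0-9]+$/) {
          valid = 0
          break
        }
        octet += 0
        if (!(octet in bits_for)) {
          valid = 0
          break
        }
        # After the first octet that contains a zero bit, only 0 may follow.
        if (host_bits_seen && octet != 0) {
          valid = 0
          break
        }
        if (octet != 255) {
          host_bits_seen = 1
        }
        prefix += bits_for[octet]
      }

      if (!valid) {
        print "IPprefix_by_netmask: ignoring invalid netmask: " netmask > "/dev/stderr"
        next
      }
      # A /0 prefix is deliberately not printed (same as before).
      if (prefix > 0) {
        print $3 "/" prefix
      }
    }'
}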
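serverRange() {
  # Print the CIDR form of the network/netmask pair contained in $1.
  #
  # $1 is prefixed with a placeholder word and suffixed with a double quote so
  # that it has the field layout IPprefix_by_netmask parses: the second word
  # of $1 becomes the network address and the third word the netmask.
  # NOTE(review): presumably $1 is a "<keyword> <network> <netmask>" config
  # line - confirm against the caller.
  #
  # Outputs: the helper's result followed by a newline (an empty line when the
  # helper printed nothing).
  #
  # The working variables are local so the function no longer overwrites
  # global variables named "in" and "out" in the calling script.
  local directive cidr
  directive="dummy $1\""
  cidr=$(IPprefix_by_netmask "$directive")
  printf '%s\n' "$cidr"
}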
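rule_exists() {
  # Check whether an iptables rule is already present.
  #
  # Usage: rule_exists <rule> [table]
  #   <rule>  - rule specification as ONE string (chain name followed by the
  #             match/target options); it is word-split before being handed
  #             to "iptables --check".
  #   [table] - optional table name, passed as "--table <table>".
  # Returns: the exit status of iptables (0 when the rule exists), or 1 after
  #          printing the usage text when called with a wrong argument count.
  #
  # Two fixes compared with the previous version:
  #   * the table used to be read from $2 after a shift, i.e. from an empty
  #     parameter, so "--table" was passed without a name and the check could
  #     not succeed for any explicitly named table;
  #   * "table" was only declared local when a table was given, so a variable
  #     of that name set by the caller leaked into the iptables command line.
  if [ $# -lt 1 ] || [ $# -gt 2 ]; then
    echo "Usage: rule_exists <rule> [table]" >&2
    return 1
  fi

  local rule="$1"
  local table="${2:-}"

  # Re-use the positional parameters as the option list so the table name
  # stays a single, quoted argument.
  if [ -n "$table" ]; then
    set -- --table "$table"
  else
    set --
  fi

  # $rule is intentionally unquoted: it carries several iptables arguments.
  # shellcheck disable=SC2086
  iptables "$@" --check $rule >/dev/null 2>&1
}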
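chain_exists() {
  # Check whether an iptables chain exists.
  #
  # Usage: chain_exists <chain_name> [table]
  #   <chain_name> - name of the chain to look up.
  #   [table]      - optional table name, passed as "--table <table>".
  # Returns: the exit status of "iptables -n --list <chain_name>" (0 when the
  #          chain can be listed), or 1 after printing the usage text when
  #          called with a wrong argument count.
  #
  # Two fixes compared with the previous version:
  #   * the table used to be read from $2 after a shift, i.e. from an empty
  #     parameter, so "--table" was passed without a name and the lookup could
  #     not succeed for any explicitly named table;
  #   * "table" was only declared local when a table was given, so a variable
  #     of that name set by the caller leaked into the iptables command line.
  if [ $# -lt 1 ] || [ $# -gt 2 ]; then
    echo "Usage: chain_exists <chain_name> [table]" >&2
    return 1
  fi

  local chain_name="$1"
  local table="${2:-}"

  # Re-use the positional parameters as the option list so the table name
  # stays a single, quoted argument.
  if [ -n "$table" ]; then
    set -- --table "$table"
  else
    set --
  fi

  iptables "$@" -n --list "$chain_name" >/dev/null 2>&1
}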