ip_lists/baf_script.sh


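#!/bin/bash
# Regenerate the AUTOGEN blocklist section of the firewall config from
# blocklist.txt and push it to the fw2-baf and fw1-baf firewalls.
#
# Run from the git checkout that holds blocklist.txt. Every generated line
# carries the "# AUTOGEN" marker; the remote side uses that marker to strip
# the previously generated section from /etc/config/firewall before the new
# section is appended.
set -euo pipefail

readonly BLOCKLIST_SOURCE=blocklist.txt
readonly GENERATED_FILE=firewall_blocklist
readonly -a FIREWALL_HOSTS=(fw2-baf fw1-baf)

# Filled by load_entries; one address/prefix per element.
declare -a ENTRIES=()

#######################################
# Print an error to stderr and abort the run.
# Arguments: message words
#######################################
die() {
  printf 'error: %s\n' "$*" >&2
  exit 1
}

#######################################
# Read whitespace-separated entries from blocklist.txt into ENTRIES and
# refuse anything that is not made of address characters.
# Globals:   BLOCKLIST_SOURCE (read), ENTRIES (written)
# Returns:   exits non-zero on an unreadable file, an empty list, or an
#            entry that fails the character allow-list
#######################################
load_entries() {
  # Character allow-list only (hex digits, ':', '.', '/', '-', optional
  # leading '!'); it is not full address validation. Its purpose is to keep
  # quotes, '#', and control characters out of the generated config, since
  # the list content is whatever the preceding git pull delivered.
  local -r allowed='^!?[0-9A-Fa-f:./-]+$'
  local entry

  [[ -r "$BLOCKLIST_SOURCE" ]] || die "cannot read $BLOCKLIST_SOURCE"

  # Split on whitespace without glob expansion. read returns non-zero at
  # end of file when no NUL delimiter is found, which is expected here.
  IFS=$' \t\n' read -r -d '' -a ENTRIES <"$BLOCKLIST_SOURCE" || true

  # With no src_ip/dest_ip lines the generated DROP rules would no longer be
  # restricted to listed addresses, so an empty list must never be deployed.
  (( ${#ENTRIES[@]} > 0 )) || die "$BLOCKLIST_SOURCE contains no entries"

  for entry in "${ENTRIES[@]}"; do
    [[ "$entry" =~ $allowed ]] \
      || die "invalid entry in $BLOCKLIST_SOURCE: $(printf '%q' "$entry")"
  done
}

#######################################
# Write the generated firewall section to stdout.
# Globals:   ENTRIES (read)
# Outputs:   two DROP rules, one matching listed source addresses and one
#            matching listed destination addresses
#######################################
generate_config() {
  local -r tag='# AUTOGEN'
  local entry

  printf '%s\n' "# Automatically generated portion beginning, do not touch $tag"
  printf '%s\n' "config rule $tag"
  printf '%s\n' " option name 'BLOCKLIST src' $tag"
  printf '%s\n' " list proto 'all' $tag"
  printf '%s\n' " option src '*' $tag"
  for entry in "${ENTRIES[@]}"; do
    printf '%s\n' " list src_ip '$entry' $tag"
  done
  printf '%s\n' " option dest '*' $tag"
  printf '%s\n' " option target 'DROP' $tag"
  # Separator line; it still carries the marker so it is stripped next run.
  printf '%s\n' " $tag"
  printf '%s\n' "config rule $tag"
  printf '%s\n' " option name 'BLOCKLIST dest' $tag"
  printf '%s\n' " list proto 'all' $tag"
  printf '%s\n' " option src '*' $tag"
  printf '%s\n' " option dest '*' $tag"
  for entry in "${ENTRIES[@]}"; do
    printf '%s\n' " list dest_ip '$entry' $tag"
  done
  printf '%s\n' " option target 'DROP' $tag"
  printf '%s\n' "# Automatically generated portion ending. Contact tumik for changes. $tag"
}

#######################################
# Copy the generated section to one firewall, splice it into the live
# config, and reload the firewall service.
# Globals:   GENERATED_FILE (read)
# Arguments: $1 - ssh host alias of the firewall
#######################################
deploy_to() {
  local -r host=$1

  scp "$GENERATED_FILE" "$host:/etc/config/firewall_blocklist"
  # firewall_base = live config minus every previously generated line.
  ssh "$host" "grep -v '# AUTOGEN' /etc/config/firewall > /etc/config/firewall_base"
  # NOTE(review): this rewrite is not atomic; if it is interrupted,
  # firewall_base still holds the hand-maintained part of the config.
  ssh "$host" "cat /etc/config/firewall_base /etc/config/firewall_blocklist > /etc/config/firewall"
  ssh "$host" "/etc/init.d/firewall reload"
}

main() {
  local host

  git pull --no-rebase
  echo "Last update:"
  git log --pretty -n1
  echo

  # Validate before anything is written or pushed, so a bad list stops the
  # run while both firewalls still have their previous configuration.
  load_entries
  generate_config >"$GENERATED_FILE"

  for host in "${FIREWALL_HOSTS[@]}"; do
    deploy_to "$host"
    echo "$host updated"
  done
}

main "$@"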