#!/bin/bash
#
# Part of fireball iptables init script
#
# Author: Ilya Lebedev <[email protected]>
# License: LGPL v2
#
############################################################################################################
# Fireball functions
############################################################################################################
#
###
# Loader
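function load () {
  # Sources every "<digit>*.conf" file found in $PWD/$1, in glob (sorted) order.
  # Arguments: $1 - directory name, relative to the current working directory.
  #
  # Each file is executed in the current shell with the caller's privileges.
  # The lookup is anchored at $PWD, so whoever can write to that directory,
  # or choose the working directory the script starts in, decides what runs.
  # Keep the directory owned by and writable only for the account that runs
  # the script.
  local pre
  # Quoted so a path containing whitespace or glob characters is not
  # re-split or re-expanded.
  for pre in "$PWD/$1"/[0-9]*.conf; do
    # An unmatched glob stays as the literal pattern; skip it instead of
    # trying to source a file that does not exist.
    [[ -e "$pre" ]] || continue
    source "$pre"
  done
}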
#
##
# Calculates the number of bits in a netmask
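function mask2cidr () {
  # Converts a dotted-decimal netmask into its prefix length.
  # Arguments: $1 - netmask, e.g. 255.255.240.0
  # Outputs:   the number of mask bits on stdout; errors go to stderr so a
  #            caller capturing the output never receives an error message
  #            in place of a number.
  # Exits:     status 1 on an unrecognised octet or a non-contiguous mask
  #            (this ends the whole script unless the call runs in a
  #            subshell such as a command substitution).
  local nbits=0 dec bits seen_partial=0
  local -a octets=()
  # IFS is changed for this read only. Assigning IFS globally would make
  # every later unquoted expansion in the script split on dots. Reading
  # into an array also avoids pathname expansion of the argument.
  IFS=. read -r -a octets <<< "$1"
  for dec in "${octets[@]}"; do
    case "$dec" in
      255) bits=8 ;;
      254) bits=7 ;;
      252) bits=6 ;;
      248) bits=5 ;;
      240) bits=4 ;;
      224) bits=3 ;;
      192) bits=2 ;;
      128) bits=1 ;;
      0) bits=0 ;;
      *)
        echo "Error: $dec is not recognised" >&2
        exit 1
        ;;
    esac
    # After the first octet that is not 255, only zero octets may follow;
    # otherwise the summed bit count does not describe the mask and a rule
    # built from it would cover the wrong address range.
    if (( seen_partial && bits > 0 )); then
      echo "Error: netmask $1 is not contiguous" >&2
      exit 1
    fi
    (( bits == 8 )) || seen_partial=1
    nbits=$(( nbits + bits ))
  done
  echo "$nbits"
}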
#
##
# echo helpers
function info () {
  # Prints the arguments after a bold green "*" and sends the same text to
  # logger under the [ipt.info] tag.
  # $E is set outside this file's visible part (presumably an echo command -
  # confirm); with -e, backslash escapes inside the message are interpreted,
  # so a trailing "\c" suppresses the newline.
  local _msg="$*"
  $E -e "\e[32;01m*\e[0m ${_msg}"
  logger "[ipt.info] ${_msg}"
}
function err () {
  # Prints the arguments after a bold red "*" and sends the same text to
  # logger under the [ipt.err] tag.
  # $E is set outside this file's visible part (presumably an echo command -
  # confirm); with -e, backslash escapes inside the message are interpreted.
  local _msg="$*"
  $E -e "\e[31;01m*\e[0m ${_msg}"
  logger "[ipt.err] ${_msg}"
}
function dbg () {
  # Prints the arguments in bold yellow and sends the same text to logger
  # under the [ipt.dbg] tag.
  # $E is set outside this file's visible part (presumably an echo command -
  # confirm); with -e, backslash escapes inside the message are interpreted,
  # so a trailing "\c" suppresses the newline.
  local _msg="$*"
  $E -e "\e[33;01m${_msg}\e[0m"
  logger "[ipt.dbg] ${_msg}"
}
function title () {
  # Prints the arguments in bold and sends the same text to logger under
  # the [ipt.title] tag.
  # $E is set outside this file's visible part (presumably an echo command -
  # confirm); with -e, backslash escapes inside the message are interpreted.
  local _msg="$*"
  $E -e "\e[0;01m${_msg}\e[0m"
  logger "[ipt.title] ${_msg}"
}
#
###
# Ipset helpers
##
# Adds values to ip set
# $1 - set name
# $2... - ips
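function set_add_ip () {
  # Creates the hash:ip set $1 (if missing) and adds every address to it.
  # Arguments: $1    - set name
  #            $2... - addresses; one argument may hold several
  #                    whitespace-separated values
  # Globals:   IPSET (read) - ipset command line, split on whitespace
  #
  # NOTE(review): the exit status of each ipset call is ignored and the
  # function ends with echo, so a rejected entry is silently absent from
  # the set. Check ipset's output when a rule does not match.
  local a
  local -a entries=()
  # Pin IFS so neither $IPSET nor the entry list is split on a separator
  # left behind by other code (for example a global IFS=.).
  local IFS=$' \t\n'
  # Split the entries on whitespace without pathname expansion: a value
  # such as "*" must reach ipset literally, not as file names from $PWD.
  # read returns non-zero at end of input, which is expected here.
  read -r -d '' -a entries <<< "${*:2}" || true
  info "Set '$1': \c"
  $IPSET create -! "$1" hash:ip hashsize 4
  for a in "${entries[@]}"; do
    $IPSET add -! "$1" "$a"
    dbg "$a \c"
  done
  echo ""
}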
#
##
# Adds values to net set
# $1 - set name
# $2... - nets
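function set_add_net () {
  # Creates the hash:net set $1 (if missing) and adds every network to it.
  # Arguments: $1    - set name
  #            $2... - networks; one argument may hold several
  #                    whitespace-separated values
  # Globals:   IPSET (read) - ipset command line, split on whitespace
  #
  # NOTE(review): the exit status of each ipset call is ignored and the
  # function ends with echo, so a rejected entry is silently absent from
  # the set.
  local a
  local -a entries=()
  # Pin IFS so neither $IPSET nor the entry list is split on a separator
  # left behind by other code (for example a global IFS=.).
  local IFS=$' \t\n'
  # Split the entries on whitespace without pathname expansion, so glob
  # characters in a value are passed to ipset literally.
  # read returns non-zero at end of input, which is expected here.
  read -r -d '' -a entries <<< "${*:2}" || true
  info "Set '$1': \c"
  $IPSET create -! "$1" hash:net hashsize 4
  for a in "${entries[@]}"; do
    $IPSET add -! "$1" "$a"
    dbg "$a \c"
  done
  echo ""
}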
#
##
# Adds values to port set
# $1 - set name
# $2... - ports
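function set_add_port () {
  # Creates the bitmap:port set $1 (range 0-65535, if missing) and adds
  # every port to it.
  # Arguments: $1    - set name
  #            $2... - ports; one argument may hold several
  #                    whitespace-separated values
  # Globals:   IPSET (read) - ipset command line, split on whitespace
  #
  # NOTE(review): the exit status of each ipset call is ignored and the
  # function ends with echo, so a rejected entry is silently absent from
  # the set.
  local a
  local -a entries=()
  # Pin IFS so neither $IPSET nor the entry list is split on a separator
  # left behind by other code (for example a global IFS=.).
  local IFS=$' \t\n'
  # Split the entries on whitespace without pathname expansion, so glob
  # characters in a value are passed to ipset literally.
  # read returns non-zero at end of input, which is expected here.
  read -r -d '' -a entries <<< "${*:2}" || true
  info "Set '$1': \c"
  $IPSET create -! "$1" bitmap:port range 0-65535
  for a in "${entries[@]}"; do
    $IPSET add -! "$1" "$a"
    dbg "$a \c"
  done
  echo ""
}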
#
##
# Adds values to ip,port set
# $1 - set name
# $2 - ip
# $3 - protocol
# $4... - ports
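function set_add_ip_port () {
  # Creates the hash:ip,port set $1 (if missing) and adds one
  # "ip,protocol:port" entry per port.
  # Arguments: $1    - set name
  #            $2    - ip
  #            $3    - protocol
  #            $4... - ports; one argument may hold several
  #                    whitespace-separated values
  # Globals:   IPSET (read) - ipset command line, split on whitespace
  #
  # NOTE(review): the exit status of each ipset call is ignored and the
  # function ends with echo, so a rejected entry is silently absent from
  # the set.
  local a
  local -a ports=()
  # Pin IFS so neither $IPSET nor the port list is split on a separator
  # left behind by other code (for example a global IFS=.).
  local IFS=$' \t\n'
  # Split the ports on whitespace without pathname expansion, so glob
  # characters in a value are passed to ipset literally.
  # read returns non-zero at end of input, which is expected here.
  read -r -d '' -a ports <<< "${*:4}" || true
  info "Set '$1' $2@$3: \c"
  $IPSET create -! "$1" hash:ip,port hashsize 4
  for a in "${ports[@]}"; do
    $IPSET add -! "$1" "$2,$3:$a"
    dbg "$a \c"
  done
  echo ""
}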
#
##
# Adds values to net,port set
# $1 - set name
# $2 - ip
# $3 - protocol
# $4... - ports
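function set_add_net_port () {
  # Creates the hash:net,port set $1 (if missing) and adds one
  # "net,protocol:port" entry per port.
  # Arguments: $1    - set name
  #            $2    - network (first element of each entry)
  #            $3    - protocol
  #            $4... - ports; one argument may hold several
  #                    whitespace-separated values
  # Globals:   IPSET (read) - ipset command line, split on whitespace
  #
  # NOTE(review): the exit status of each ipset call is ignored and the
  # function ends with echo, so a rejected entry is silently absent from
  # the set.
  local a
  local -a ports=()
  # Pin IFS so neither $IPSET nor the port list is split on a separator
  # left behind by other code (for example a global IFS=.).
  local IFS=$' \t\n'
  # Split the ports on whitespace without pathname expansion, so glob
  # characters in a value are passed to ipset literally.
  # read returns non-zero at end of input, which is expected here.
  read -r -d '' -a ports <<< "${*:4}" || true
  info "Set '$1' $2@$3: \c"
  $IPSET create -! "$1" hash:net,port hashsize 4
  for a in "${ports[@]}"; do
    $IPSET add -! "$1" "$2,$3:$a"
    dbg "$a \c"
  done
  echo ""
}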
#
##
# Adds values to ip,port,net set
# $1 - set name
# $2 - ip
# $3 - protocol
# $4 - net
# $5... - ports
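function set_add_ip_port_net () {
  # Creates the hash:ip,port,net set $1 (if missing) and adds one entry
  # per port, built as "$2,$4:port,$3".
  # Arguments, as the code uses them:
  #            $1    - set name
  #            $2    - ip (first element of the entry)
  #            $3    - last element of the entry (the net position)
  #            $4    - prefix of the port element (the protocol position)
  #            $5... - ports; one argument may hold several
  #                    whitespace-separated values
  # Globals:   IPSET (read) - ipset command line, split on whitespace
  #
  # NOTE(review): the comment block above this function lists $3 as the
  # protocol and $4 as the net, the reverse of how the entry is assembled
  # here. Confirm against the callers which order is intended; a swapped
  # pair produces entries ipset rejects or that match the wrong traffic.
  # NOTE(review): the exit status of each ipset call is ignored and the
  # function ends with echo, so a rejected entry is silently absent from
  # the set.
  local a
  local -a ports=()
  # Pin IFS so neither $IPSET nor the port list is split on a separator
  # left behind by other code (for example a global IFS=.).
  local IFS=$' \t\n'
  # Split the ports on whitespace without pathname expansion, so glob
  # characters in a value are passed to ipset literally.
  # read returns non-zero at end of input, which is expected here.
  read -r -d '' -a ports <<< "${*:5}" || true
  info "Set '$1' $3:$2@$4: \c"
  $IPSET create -! "$1" hash:ip,port,net hashsize 4
  for a in "${ports[@]}"; do
    $IPSET add -! "$1" "$2,$4:$a,$3"
    dbg "$a \c"
  done
  echo ""
}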
#
##
# Flushes set contents
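function set_flush () {
  # Removes every entry from the set named $1.
  # Arguments: $1 - set name (required)
  # Globals:   IPSET (read) - ipset command line, split on whitespace
  # Returns:   1 without calling ipset when the name is empty or missing,
  #            otherwise the status of the ipset call.
  #
  # "ipset flush" with no set name empties every set on the host. An unset
  # or empty variable passed by a caller must therefore not reach ipset as
  # a missing argument: rules that match on those sets would silently stop
  # matching.
  local IFS=$' \t\n'
  if [[ -z "${1:-}" ]]; then
    printf 'set_flush: set name is required\n' >&2
    return 1
  fi
  $IPSET -q flush "$1"
}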