diff --git a/firewall/firewall b/firewall/firewall
new file mode 100644
index 0000000..5c11aba
--- /dev/null
+++ b/firewall/firewall
@@ -0,0 +1,96 @@
+#!/bin/bash
+export FIREWALLD=/etc/firewalld
+
+alias fw="firewall-cmd"
+alias fwz="firewall-cmd --zone"
+alias fwzi="firewall-cmd --info-zone"
+alias fwpr="firewall-cmd --permanent"
+alias fwzp="firewall-cmd --permanent --zone"
+alias fwr="firewall-cmd --reload"
+alias fwh="firewall-cmd --help | more"
+alias fwhg="firewall-cmd --help | grep -A3"
+alias fwpi="firewall-cmd --info-policy"
+alias fwp="firewall-cmd --policy"
+alias fwap="firewall-cmd --get-active-policies"
+alias fwaz="firewall-cmd --get-active-zones"
+alias fwiwan="firewall-cmd --info-zone wan"
+alias fwilan="firewall-cmd --info-zone lan"
+alias fwivpn="firewall-cmd --info-zone vpn"
+
+alias inti="ip addr show | grep -A3"
+
+fwiz () {
+firewall-cmd --info-zone wan
+firewall-cmd --info-zone lan
+firewall-cmd --info-zone vpn
+}
+
+alias fwdr="sudo systemctl restart firewalld"
+alias fwds="sudo systemctl start firewalld"
+alias fwdst="sudo systemctl status firewalld"
+alias fwdstp="sudo systemctl stop firewalld"
+alias fwdd="sudo systemctl disable firewalld"
+alias fwde="sudo systemctl enable firewalld"
+
+alias fwdl="journalctl -f -u firewalld"
+
+fwxd () {
+local dir=${2:-zones}
+local name
+name=${dir:0:-1}
+echo disabling $name $1
+if [[ -f $FIREWALLD/$dir/$1.xml ]]; then
+# firewall-cmd --get-active-zones
+sudo mv $FIREWALLD/$dir/$1.xml $FIREWALLD/$dir/$1.xml.off
+sudo systemctl restart firewalld
+firewall-cmd --get-active-$dir
+else
+ if [[ -f $FIREWALLD/$dir/$1.xml.off ]]; then
+ echo $name $1 already disabled
+ else
+ echo $name $1 does not exist, no $name to disable
+ $dir that can be disabled $(ls $FIREWALLD/$dir/*.xml | xargs -I {} basename -- {} .xml)
+ fi
+fi
+}
+
+fwxe () {
+local dir=${2:-zones}
+local name
+name=${dir:0:-1}
+echo enabling $name $1
+if [[ -f $FIREWALLD/$dir/$1.xml.off ]]; then
+sudo mv $FIREWALLD/$dir/$1.xml.off $FIREWALLD/$dir/$1.xml
+sudo systemctl restart firewalld
+firewall-cmd --get-active-$dir
+else
+ if [[ -f $FIREWALLD/$dir/$1.xml ]]; then
+ echo $name $1 already enabled
+ else
+ echo $name $1 does not exist, no $name to enable
+ echo $dir that can be enabled $(fwxdl $dir)
+ fi
+fi
+}
+
+# TODO list disabled zone or policy
+
+fwzd () { fwxd $1
+ }
+
+fwze () { fwxe $1
+ }
+
+fwpd () { fwxd $1 policies
+ }
+
+fwpe () { fwxe $1 policies
+ }
+
+
+ fwxdl () {
+ ls $FIREWALLD/${1:-zones}/*.xml.off | xargs -I {} basename -- {} .xml.off
+ }
+
+
+
diff --git a/firewall/firewall.inst b/firewall/firewall.inst
new file mode 100755
index 0000000..afd4663
--- /dev/null
+++ b/firewall/firewall.inst
@@ -0,0 +1,11 @@
+#!/bin/bash
+if command -v firewall-cmd >/dev/null; then
+ if [[ $BASH_SHELL_HOSTNAME ]]; then
+ [[ ! -d $BASH_SHELL_HOSTNAME/load ]] && mkdir $BASH_SHELL_HOSTNAME/load
+ ln -s $BASH_SHELL_HOST/firewall/firewall $BASH_SHELL_HOSTNAME/load/firewall
+ cat $BASH_SHELL_HOSTNAME/load/firewall
+ else
+ hostn=$(basename $BASH_SHELL_BASE)/$(hostnamectl hostname)
+ [[ -d $hostn ]] && echo $hostn exists || echo $hostn does not exist
+ fi
+fi
diff --git a/misc/ui b/misc/ui
new file mode 100644
index 0000000..556676a
--- /dev/null
+++ b/misc/ui
@@ -0,0 +1,15 @@
+gui () {
+ sudo systemctl isolate graphical.target
+ sudo systemctl start lightdm
+ sudo systemctl start nxserver
+}
+
+tui () {
+ sudo systemctl stop lightdm
+ sudo systemctl stop nxserver
+ sudo systemctl isolate multi-user.target
+ sleep 3
+ sudo chvt 2
+}
+
+
diff --git a/misc/ui.inst b/misc/ui.inst
new file mode 100755
index 0000000..3350ecd
--- /dev/null
+++ b/misc/ui.inst
@@ -0,0 +1 @@
+ln -s /shell/host/misc/ui /shell/$(hostnamectl hostname)/load
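Review bot: In `firewall/firewall`, the innermost `else` of `fwxd` has a line `$dir that can be disabled $(ls …)` with no `echo`, so the shell will try to run `zones` (or `policies`) as a command instead of printing the list. The matching line in `fwxe` has the `echo`, so this one should read `echo $dir that can be disabled $(ls $FIREWALLD/$dir/*.xml | xargs -I {} basename -- {} .xml)`. Both `fwxd` and `fwxe` also pass `$1` and `$2` unquoted and unchecked into `sudo mv`, so an argument containing `/` or whitespace can make the privileged rename act on something other than a zone or policy file. I would reject anything that is not a bare name before the `-f` test and quote the paths, as in `sudo mv -- "$FIREWALLD/$dir/$1.xml" "$FIREWALLD/$dir/$1.xml.off"`. A short comment above `fwxd` should also say that renaming the file and restarting firewalld changes which rules apply to interfaces bound to that zone (presumably they fall back to the default zone), so the `--get-active-$dir` output needs checking afterwards.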
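Review bot: In `firewall/firewall.inst`, the guard tests `$BASH_SHELL_HOSTNAME` but the `ln -s` target is built from `$BASH_SHELL_HOST`, which is never checked. If that variable is unset, the link points at `/firewall/firewall` at the filesystem root, and anything that later sources files from the `load` directory (presumably the shell start-up) would pick up whatever is placed there. Fail fast and quote instead, with `ln -s -- "${BASH_SHELL_HOST:?}/firewall/firewall" "$BASH_SHELL_HOSTNAME/load/firewall"`. `ln -s` will also fail on a second run because the link already exists, so decide whether re-running the installer should be a no-op or an error.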
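Review bot: In `misc/ui`, `gui` starts `nxserver` unconditionally alongside `lightdm`, and nothing in the file says that switching to the graphical target also brings up what is presumably a remote-desktop listener. Add a header comment on `gui` and `tui` stating which services each starts and stops, for example `# gui: switch to graphical.target and start lightdm + nxserver (remote desktop; confirm the firewall zone restricts it)`. The commands in both functions are also not chained, so in `tui` the `sudo chvt 2` still runs when `systemctl isolate multi-user.target` fails. Joining the steps with `&&` or returning on the first failure would make a partial switch visible.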
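Review bot: `misc/ui.inst` is committed with mode 100755 but has no shebang, and it hard-codes `/shell/...` where `firewall.inst` uses the `BASH_SHELL_*` variables. The command substitution is unquoted and its result is not checked, so if `hostnamectl hostname` prints nothing the link is attempted under `/shell//load`. If the `load` directory does not exist yet, `ln -s` creates a link named `load` rather than a link inside it. I would add `#!/bin/bash` and name the link explicitly, as in `ln -s -- /shell/host/misc/ui "/shell/$(hostnamectl hostname)/load/ui"`, after checking that the directory exists.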