54 lines
1.4 KiB
Bash
54 lines
1.4 KiB
Bash
#!/usr/bin/env bash
|
|
|
|
# Copyright (C) 2021 by LHProjects <copyright@lhpmail.us>
|
|
#
|
|
# Permission is granted to use, copy, modify, and/or distribute this work for any purpose with or without fee. This work is offered as-is, with absolutely no warranty whatsoever. The author is not responsible for any damages that result from using this work.
|
|
#
|
|
#
|
|
|
|
# Updates FirewallD on s3va.bugzbunny.net when my home IP address changes.
|
|
#
|
|
|
|
# Define variables
|
|
CACHE_IP_FILE=/tmp/update_firewall.cache
|
|
HOME_IP=$(host fwgw.lhprojects.net | cut -d ' ' -f 4)
|
|
|
|
update_firewall () {
|
|
# check if cache IP is in the ipset entries
|
|
ipset_entries=$(firewall-cmd --ipset=node_ips --get-entries 2> /dev/null)
|
|
|
|
found=false
|
|
for ip in $ipset_entries; do
|
|
if [ "$ip" = "$CACHE_IP" ]; then
|
|
# remove old entry
|
|
firewall-cmd --permanent --ipset=node_ips --remove-entry=$ip &> /dev/null
|
|
# add new entry
|
|
firewall-cmd --permanent --ipset=node_ips --add-entry=$HOME_IP &> /dev/null
|
|
# reload firewall
|
|
firewall-cmd --reload &> /dev/null
|
|
found=true
|
|
fi
|
|
done
|
|
|
|
if [ "$found" = false ]; then
|
|
echo "Error: Unable to remove old cache IP: '$CACHE_IP'; Not Found."
|
|
firewall-cmd --info-ipset=node_ips
|
|
exit 1
|
|
else
|
|
echo "$HOME_IP" > $CACHE_IP_FILE
|
|
fi
|
|
}
|
|
|
|
# Check if we have cache IP
|
|
if test -f $CACHE_IP_FILE; then
|
|
CACHE_IP=$(cat $CACHE_IP_FILE)
|
|
if [ "$HOME_IP" != "$CACHE_IP" ]; then
|
|
update_firewall
|
|
fi
|
|
|
|
else
|
|
echo "$HOME_IP" > $CACHE_IP_FILE
|
|
CACHE_IP=$HOME_IP
|
|
update_firewall
|
|
fi
|
|
exit 0 |