@Nonymus
Created February 11, 2018 23:25
Enable VNC on ESXi 6.5 (for use with Packer)
#!/bin/sh
# -p so a second run does not fail when the directory already exists
mkdir -p /store/firewall
# Copy the service.xml firewall rules to a central storage
# so they can survive reboot
cp /etc/vmware/firewall/service.xml /store/firewall
# Remove end tag so rule addition works as expected
sed -i "s/<\/ConfigRoot>//" /store/firewall/service.xml
# Add rule for vnc connections
echo "
<service id='0033'>
<id>vnc</id>
<rule id='0000'>
<direction>inbound</direction>
<protocol>tcp</protocol>
<porttype>dst</porttype>
<port>
<begin>5900</begin>
<end>6000</end>
</port>
</rule>
<enabled>true</enabled>
<required>true</required>
</service>
</ConfigRoot>" >> /store/firewall/service.xml
# Make the live service.xml writable, copy the updated rules over it,
# restore the read-only permissions, then refresh the firewall rules
chmod 0644 /etc/vmware/firewall/service.xml
chmod +t /etc/vmware/firewall/service.xml
cat /store/firewall/service.xml > /etc/vmware/firewall/service.xml
chmod 0444 /etc/vmware/firewall/service.xml
chmod -t /etc/vmware/firewall/service.xml
esxcli network firewall refresh
# Remove the trailing "exit 0" from local.sh so the appended steps are reached
sed -i "s/exit 0//" /etc/rc.local.d/local.sh
# Add steps to local.sh to repeat the copy and refresh on reboot
echo "
chmod 0644 /etc/vmware/firewall/service.xml
chmod +t /etc/vmware/firewall/service.xml
cat /store/firewall/service.xml > /etc/vmware/firewall/service.xml
chmod 0444 /etc/vmware/firewall/service.xml
chmod -t /etc/vmware/firewall/service.xml
esxcli network firewall refresh
exit 0" >> /etc/rc.local.d/local.sh
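
The script above appends the rule again on every run and opens ports 5900-6000 to any source address. The following is an added example, not part of the original gist: it inserts the same rule only once and then limits the `vnc` ruleset to named source addresses. The function names and the 192.0.2.10 placeholder address are assumptions.

```shell
#!/bin/sh
# Added example, not part of the original gist.
# Usage on the host (192.0.2.10 is a placeholder for the Packer build host):
#   add_vnc_rule /store/firewall/service.xml
#   restrict_vnc_sources 192.0.2.10   # after "esxcli network firewall refresh"

# add_vnc_rule FILE
# Insert the gist's vnc service block before </ConfigRoot> exactly once.
# Returns 0 if added, 1 if already present, 2 if FILE has no </ConfigRoot>.
add_vnc_rule() {
    avr_file=$1
    grep -q '</ConfigRoot>' "$avr_file" || return 2
    if grep -q '<id>vnc</id>' "$avr_file"; then
        return 1
    fi
    avr_tmp="$avr_file.new.$$"
    # Drop the closing tag, append the rule, then close the document again.
    sed 's#</ConfigRoot>##' "$avr_file" > "$avr_tmp" || return 2
    cat >> "$avr_tmp" <<'EOF'
<service id='0033'>
<id>vnc</id>
<rule id='0000'>
<direction>inbound</direction>
<protocol>tcp</protocol>
<porttype>dst</porttype>
<port>
<begin>5900</begin>
<end>6000</end>
</port>
</rule>
<enabled>true</enabled>
<required>true</required>
</service>
</ConfigRoot>
EOF
    mv "$avr_tmp" "$avr_file"
}

# restrict_vnc_sources IP...
# Stop the vnc ruleset from accepting any source address, then allow only
# the listed addresses. Returns 2 when no address is given.
restrict_vnc_sources() {
    [ "$#" -gt 0 ] || return 2
    esxcli network firewall ruleset set --ruleset-id vnc --allowed-all false || return 1
    for rvs_ip in "$@"; do
        esxcli network firewall ruleset allowedip add --ruleset-id vnc --ip-address "$rvs_ip" || return 1
    done
}
```

`esxcli network firewall ruleset allowedip list --ruleset-id vnc` shows the resulting allow list.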