Ttech/irc-ident.cron.sh

## irc-ident.cron.sh
#!/bin/bash

# IRC IDENTD ALLOW RULES

# Generated on the fly...
# crontab recommended:
#       30 1 * * * /usr/bin/irc-ident.cron.sh
#  which wil run daily at 1 30 in the morning


# Set these please
CHAIN_NAME='irc-ident'
SERVERS=('chat.freenode.net' 'irc.oftc.net')


# check to see if table exists, if not, create it

/usr/bin/env iptables -S $CHAIN_NAME > /dev/null
if [ $? -eq 1 ]; then
        # create chain
        /usr/bin/env iptables -N ${CHAIN_NAME}
        /usr/bin/env ip6tables -N ${CAIN_NAME}
        # send to ch ain
        /usr/bin/env iptables -A INPUT -p tcp -m tcp --dport 113 -j ${CHAIN_NAME}
        /usr/bin/env ip6tables -A INPUT -p tcp -m tcp --dport 113 -j ${CHAIN_NAME}
        # iptables -A ufw-before-input -p tcp -m tcp --dport 113 -j ${CHAIN_NAME}
        # ip6tables -A ufw-before-input -p tcp -m tcp --dport 113 -j ${CHAIN_NAME}
else
        /usr/bin/env iptables -F ${CHAIN_NAME}
        /usr/bin/env ip6tables -F ${CHAIN_NAME}
fi

for server in "${SERVERS[@]}"; do
        ADDRESSES=`host $server|grep -v alias`;
        for address in "${ADDRESSES[@]}"; do
                echo -e "$address\n" | grep "IPv6" | sed -e "s/.*address//g" | xargs -I{} /usr/bin/env ip6tables -A ${CHAIN_NAME} -s {} -j ACCEPT
                echo -e "$address\n" | grep -v "IPv6" | sed -e "s/.*address//g" | xargs -I{} /usr/bin/env iptables -A ${CHAIN_NAME} -s {} -j ACCEPT
        done
done

# return to regular chain, also can switch to something like logdrop, etc
/usr/bin/env iptables -A ${CHAIN_NAME} -j RETURN
/usr/bin/env ip6tables -A ${CHAIN_NAME} -j RETURN
	#!/bin/bash

	# IRC IDENTD ALLOW RULES

	# Generated on the fly...
	# crontab recommended:
	# 30 1 * * * /usr/bin/irc-ident.cron.sh
	# which wil run daily at 1 30 in the morning


	# Set these please
	CHAIN_NAME='irc-ident'
	SERVERS=('chat.freenode.net' 'irc.oftc.net')


	# check to see if table exists, if not, create it

	/usr/bin/env iptables -S $CHAIN_NAME > /dev/null
	if [ $? -eq 1 ]; then
	# create chain
	/usr/bin/env iptables -N ${CHAIN_NAME}
	/usr/bin/env ip6tables -N ${CAIN_NAME}
	# send to ch ain
	/usr/bin/env iptables -A INPUT -p tcp -m tcp --dport 113 -j ${CHAIN_NAME}
	/usr/bin/env ip6tables -A INPUT -p tcp -m tcp --dport 113 -j ${CHAIN_NAME}
	# iptables -A ufw-before-input -p tcp -m tcp --dport 113 -j ${CHAIN_NAME}
	# ip6tables -A ufw-before-input -p tcp -m tcp --dport 113 -j ${CHAIN_NAME}
	else
	/usr/bin/env iptables -F ${CHAIN_NAME}
	/usr/bin/env ip6tables -F ${CHAIN_NAME}
	fi

	for server in "${SERVERS[@]}"; do
	ADDRESSES=`host $server\|grep -v alias`;
	for address in "${ADDRESSES[@]}"; do
	echo -e "$address\n" \| grep "IPv6" \| sed -e "s/.*address//g" \| xargs -I{} /usr/bin/env ip6tables -A ${CHAIN_NAME} -s {} -j ACCEPT
	echo -e "$address\n" \| grep -v "IPv6" \| sed -e "s/.*address//g" \| xargs -I{} /usr/bin/env iptables -A ${CHAIN_NAME} -s {} -j ACCEPT
	done
	done

	# return to regular chain, also can switch to something like logdrop, etc
	/usr/bin/env iptables -A ${CHAIN_NAME} -j RETURN
	/usr/bin/env ip6tables -A ${CHAIN_NAME} -j RETURN