Created
January 29, 2016 20:10
-
-
Save anonymous/f11d482ebb6670b0bbca to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| # | |
| # allow-ssh-host: | |
| # | |
| # Copyright (c) 2016 root. All rights reserved. | |
| # | |
| # | |
| # $Id:$ | |
| # | |
| set -e | |
| if [ -z "${1}" ]; then | |
| echo "No host name specified; bailing" | |
| exit 17 | |
| fi | |
| ADDR=$(host -4 "${1}" | awk '{print $NF}' | head -n 1) | |
| if ! [[ "${ADDR}" =~ (([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5]) ]] ; then | |
| exit 21 | |
| fi | |
| echo "${ADDR}" > "/etc/network/${1}.new" | |
| if [ -e "/etc/network/${1}.dyn" ] ; then | |
| OLDADDR=$(cat "/etc/network/${1}.dyn") | |
| else | |
| exit 25 | |
| fi | |
| if [ x"${OLDADDR}" == x"${ADDR}" ] ; then | |
| # nothing to do so | |
| rm "/etc/network/${1}.new" | |
| exit 30 | |
| fi | |
| # remove old address from firewall | |
| iptables -C INPUT -s "${OLDADDR}"/32 -i eth0 -j ACCEPT && iptables -D INPUT -s "${OLDADDR}"/32 -i eth0 -j ACCEPT | |
| iptables -C FORWARD -s "${OLDADDR}"/32 -i eth0 -j ACCEPT && iptables -D FORWARD -s "${OLDADDR}"/32 -i eth0 -j ACCEPT | |
| # add new rule | |
| iptables -I INPUT 5 -s "${ADDR}"/32 -i eth0 -j ACCEPT | |
| iptables -I FORWARD 5 -s "${ADDR}"/32 -i eth0 -j ACCEPT | |
| # move file to become new | |
| mv "/etc/network/${1}.new" "/etc/network/${1}.dyn" | |
| # exit |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment