@peterneave
Last active February 5, 2020 14:24
Setup Linux UFW Firewall to accept Atlassian IP addresses only
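
#!/usr/bin/env bash
# Builds the allowed_ranges file (one CIDR per line).
# The setup script sources this file as generate_allowed_list.sh.

# Start from an empty file
> allowed_ranges

# Bamboo triggers
echo '18.205.93.0/25' >> allowed_ranges
echo '18.234.32.128/25' >> allowed_ranges
echo '13.52.5.0/25' >> allowed_ranges

# Atlassian IP addresses: the feed is JSON, keep only the CIDR of each item.
# -f makes curl exit non-zero on an HTTP error instead of handing the error page to jq.
curl -fsS https://ip-ranges.atlassian.com/ | jq -r '.items[] | .cidr' >> allowed_ranges

echo Allowed Ranges file generated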
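
#!/usr/bin/env bash
# Flush all iptables rules and user-defined chains, then let ufw rebuild its own.
read -p "This will delete the iptables and reset based on ufw. Are you sure? " -n 1 -r
echo
if [[ $REPLY =~ ^[Yy]$ ]]; then
    ufw disable
    iptables -F    # flush every rule in the filter table
    iptables -X    # delete user-defined chains
    ufw enable
fi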

#!/usr/bin/env bash
# Reset ufw, then allow inbound port 443 only from the ranges in allowed_ranges.

if [ ! -f allowed_ranges ]; then
    echo Generating allowed ranges
    . generate_allowed_list.sh
else
    echo Using allowed ranges file
fi

ufw reset

# Always allow local subnet
ufw allow from 192.168.0.0/16

# One rule per range: -I makes xargs run ufw once for each input line
xargs -a allowed_ranges -I % ufw allow from % to any port 443

ufw default deny incoming
ufw default allow outgoing

echo
echo Presenting new rules for review
sleep 1
less /lib/ufw/user.rules

read -p "Would you like to apply the rules now? " -n 1 -r
echo
if [[ $REPLY =~ ^[Yy]$ ]]; then
    ufw enable
    ufw status verbose
fi

# ufw reset leaves timestamped backups of the previous rule files
read -p "Would you like to delete the old rules now? " -n 1 -r
echo
if [[ $REPLY =~ ^[Yy]$ ]]; then
    rm /lib/ufw/user{,6}.rules.*
    rm /etc/ufw/before{,6}.rules.*
    rm /etc/ufw/after{,6}.rules.*
fi
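
The setup script hands every line of allowed_ranges to ufw as root, and most of those lines come from a remote JSON feed. The following is an added example, not part of the original gist, that syntax-checks the file and fails closed on a bad or empty list; the function names `valid_cidr` and `check_ranges` are hypothetical and the sample input is constructed.

```shell
#!/usr/bin/env bash
# Added example: syntax-check allowed_ranges before any line reaches ufw.

# IPv4: four octets 0-255 (no leading zeros) and a /0-/32 prefix.
OCTET='(25[0-5]|2[0-4][0-9]|1[0-9][0-9]|[1-9]?[0-9])'
V4_CIDR="($OCTET\.){3}$OCTET/(3[0-2]|[12]?[0-9])"
# IPv6 (loose syntax check): hex groups, at least two colons, a /0-/128 prefix.
V6_CIDR='[0-9A-Fa-f]*:[0-9A-Fa-f:]*:[0-9A-Fa-f:]*/(12[0-8]|1[01][0-9]|[1-9]?[0-9])'

# valid_cidr LINE: succeeds only if the whole line is one CIDR.
valid_cidr() {
    printf '%s\n' "$1" | grep -Eqx -e "$V4_CIDR" -e "$V6_CIDR"
}

# check_ranges FILE [MIN]: print the accepted ranges, name each rejected line
# on stderr. Fails if anything was rejected or fewer than MIN (default 1)
# ranges remain, so the caller can stop before running `ufw reset`.
check_ranges() {
    file=$1; min=${2:-1}; ok=0; bad=0
    while IFS= read -r line || [ -n "$line" ]; do
        if valid_cidr "$line"; then
            printf '%s\n' "$line"; ok=$((ok + 1))
        else
            printf 'rejected: %s\n' "$line" >&2; bad=$((bad + 1))
        fi
    done < "$file"
    [ "$bad" -eq 0 ] && [ "$ok" -ge "$min" ]
}

# Constructed sample: two good ranges, a jq "null" and an out-of-range prefix.
sample=$(mktemp)
printf '%s\n' '18.205.93.0/25' '2001:db8::/32' 'null' '10.0.0.0/33' > "$sample"
check_ranges "$sample" > "$sample.checked" \
    || echo "allow-list failed validation, leaving ufw untouched" >&2
rm -f "$sample" "$sample.checked"
```

In the setup script the check would run before `ufw reset`, with `xargs -a` reading the checked output rather than the raw file.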