You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
 
 
 
 
 
 

69 lines
1.4 KiB

#!/bin/sh /etc/rc.common
# Copyright (C) 2021-2022 Gerald Kerma <gandalf@gk2.net>
START=99
USE_PROCD=1
NAME=crowdsec-firewall-bouncer
PROG=/usr/bin/cs-firewall-bouncer
CONFIG=/etc/crowdsec/bouncers/crowdsec-firewall-bouncer.yaml
BACKEND=iptables
VARCONFIGDIR=/var/etc/crowdsec/bouncers
VARCONFIG=/var/etc/crowdsec/bouncers/crowdsec-firewall-bouncer.yaml
FW_BACKEND="iptables"
service_triggers() {
procd_add_reload_trigger crowdsec-firewall-bouncer
}
init_config() {
## CheckFirewall
iptables="true"
which iptables > /dev/null
FW_BACKEND=""
if [[ $? != 0 ]]; then
echo "iptables is not present"
iptables="false"
else
FW_BACKEND="iptables"
echo "iptables found"
fi
nftables="true"
which nft > /dev/null
if [[ $? != 0 ]]; then
echo "nftables is not present"
nftables="false"
else
FW_BACKEND="nftables"
echo "nftables found"
fi
if [ "$nftables" = "true" -a "$iptables" = "true" ]; then
echo "Found nftables(default) and iptables..."
fi
if [ "$FW_BACKEND" = "iptables" ]; then
which ipset > /dev/null
if [[ $? != 0 ]]; then
echo "ipset not found, install it !"
fi
fi
BACKEND=$FW_BACKEND
# Create tmp dir & permissions if needed
if [ ! -d "${VARCONFIGDIR}" ]; then
mkdir -m 0755 -p "${VARCONFIGDIR}"
fi;
cp $CONFIG $VARCONFIG
sed -i "s,^\(\s*mode\s*:\s*\).*\$,\1$BACKEND," $VARCONFIG
}
start_service() {
init_config
procd_open_instance
procd_set_param command "$PROG" -c "$VARCONFIG"
procd_close_instance
}