
@discarn8
Created February 7, 2022 04:47
BASH: Automate UFW installation on Raspberry Pi
#!/bin/bash
# **************************************************
# FILENAME: install_UFW.sh
# DATE: DEC 2021
# AUTHOR: RCombs
#
# PURPOSE: Install UFW on Raspberry Pi
# **************************************************
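# Refuse to run unprivileged: apt-get, mount and ufw below all need root.
if [[ "$EUID" -ne 0 ]]; then
  echo "Please run as root. Exiting..." >&2
  exit 1
fi

NOW=$(date '+%F_%H:%M:%S')
host=$(hostname)

# Create the log with mktemp rather than a guessable name. This script runs as
# root, and a predictable path in world-writable /tmp can be pre-created or
# symlinked by another local user so that root's output lands in a file of
# their choosing. mktemp creates the file exclusively with mode 0600.
logtemp=$(mktemp "/tmp/${host}_install-UFW_log_file_${NOW}.XXXXXX") || {
  echo "Could not create a log file in /tmp. Exiting..." >&2
  exit 1
}
# NOTE(review): the original set log and logtemp to the same path, which made
# the final copy a cp of a file onto itself. If the finished log was meant to
# be archived elsewhere (e.g. on the NAS), point log at that destination.
log=$logtemp

# The original assigned NAS twice (/NAS, then /NAS/nagios); only the last
# assignment ever took effect.
NAS=/NAS/nagios

#######################################
# Report whether the NAS path is usable.
# Globals:   NAS (read)
# Returns:   0 if $NAS is a mount point, or a regular file (the check the
#            script originally used); non-zero otherwise.
#######################################
nas_available() {
  # `test -f` alone is false for a directory, so it can never confirm a path
  # that `mount` has just been asked to use as a mount point.
  mountpoint -q -- "$NAS" || [[ -f "$NAS" ]]
}

#######################################
# Log a ufw rule with its label, then apply it.
# Arguments: $1 - label shown in the log; remaining args are passed to ufw
# Outputs:   the command to the log; a warning to the console (fd 3) on failure
# Returns:   0 if ufw accepted the rule, 1 otherwise
#######################################
add_rule() {
  local label=$1
  shift
  echo "ufw $* <---${label}"
  if ! ufw "$@"; then
    echo "WARNING: failed to add rule: ufw $*" >&3
    return 1
  fi
}

date >> "$logtemp"

# Keep the console on fd 3/4 and send stdout/stderr to the log. Append (>>):
# a plain > would truncate the file and drop the date stamp written above.
exec 3>&1 4>&2
trap 'exec 2>&4 1>&3' 0 1 2 3
exec 1>>"$logtemp" 2>&1
set -xv

echo "$(date) : installation of UFW to ${host} starting..." >&3
echo >&3
echo "Checking for the NAS Mount, first..... " >&3
if nas_available; then
  echo "NAS is mounted - Installing UFW" >&3
else
  echo "The NAS does not seem to be configured....Checking fstab..." >&3
  # -F: match the address literally instead of treating the dots as regex
  # wildcards.
  if ! grep -qaF -- 192.168.0.5 /etc/fstab; then
    echo "NAS is not mounted on this host - Exiting" >&3
    exit 1
  fi
  if mount "$NAS"; then
    echo "NAS drive mounted" >&3
  fi
  if nas_available; then
    echo "Verified - NAS is mounted...Installing UFW" >&3
  else
    echo "There was an error creating the NAS mount" >&3
    exit 1
  fi
fi

# apt-get is the interface intended for scripts. Stop here if the package did
# not install; every ufw command below would fail.
if ! apt-get install -y ufw >&3; then
  echo "apt-get could not install ufw - Exiting" >&3
  exit 1
fi

# No `ufw default` policy is set here, so the rules below rely on whatever
# default is already configured (stock ufw denies incoming traffic).
# Rules given without a protocol open the port for both TCP and UDP.

# The SSH rule must be in place before the firewall is switched on; enabling
# UFW without it can cut off the remote session running this script.
if ! add_rule SSH limit from 192.168.0.0/24 to any port 22; then
  echo "SSH rule was not added - leaving UFW disabled. Exiting" >&3
  exit 1
fi
add_rule NTP allow from 192.168.0.0/24 to any port 123
add_rule NAS allow from 192.168.0.0/24 to any port 111
add_rule Nagios allow from 10.10.11.26 to any port 5666
add_rule Zabbix allow from 192.168.0.6 to any port 10050
add_rule HTTP allow from 192.168.0.0/24 to any port 80
add_rule Webmin allow from 192.168.0.0/24 to any port 10000
add_rule NAS allow from 192.168.0.5 to any port 2049

# --force skips the interactive confirmation; the script is already root, so
# piping "y" through sudo is unnecessary.
echo "ufw --force enable"
ufw --force enable
echo "ufw status verbose"
ufw status verbose
# --no-pager: fd 3 may be a terminal, and a pager would stall the script.
systemctl status ufw --no-pager >&3
echo "$(date) : UFW installation to ${host} completed." >&3
echo >&3

# Only copy when log points somewhere other than the working log file.
if [[ "$logtemp" != "$log" ]]; then
  cp -- "$logtemp" "$log"
fi
echo "See $log for details" >&3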