jyotty · August 29, 2015 14:04
diff --git a/fw.sh b/fw.sh
 #!/usr/bin/env bash

 set -e
 set -o pipefail

 BOLD="$(printf "\x1B[1m")"
 CLEAR="$(printf "\x1B[0m")"

 ruledir="$(mktemp -d /tmp/fw.XXXXXX)"

 trap "{ rm -f $ruledir/*; rmdir $ruledir; exit; }" EXIT

 for ip in ip ip6; do
  for chain in $("$ip"tables -S | grep -- -[PN] | awk '{ print $2 }'); do
    "$ip"tables -S "$chain" | nl -v0 >> "$ruledir/$ip"
    echo >> "$ruledir/$ip"
  done 
 done

 diff -W "$(tput cols)" --side-by-side "$ruledir/ip" "$ruledir/ip6" \
  | sed 's/ 0	-[PN]/  	  /g; s/ACCEPT\|DROP\|RETURN\|REJECT/'$BOLD'&'$CLEAR'/g'
	#!/usr/bin/env bash

	set -e
	set -o pipefail

	BOLD="$(printf "\x1B[1m")"
	CLEAR="$(printf "\x1B[0m")"

	ruledir="$(mktemp -d /tmp/fw.XXXXXX)"

	trap "{ rm -f $ruledir/*; rmdir $ruledir; exit; }" EXIT

	for ip in ip ip6; do
	for chain in $("$ip"tables -S \| grep -- -[PN] \| awk '{ print $2 }'); do
	"$ip"tables -S "$chain" \| nl -v0 >> "$ruledir/$ip"
	echo >> "$ruledir/$ip"
	done
	done

	diff -W "$(tput cols)" --side-by-side "$ruledir/ip" "$ruledir/ip6" \
	\| sed 's/ 0 -[PN]/ /g; s/ACCEPT\\|DROP\\|RETURN\\|REJECT/'$BOLD'&'$CLEAR'/g'