key-networks · September 25, 2024 01:37
diff --git a/zerotier_rules.sh b/zerotier_rules.sh
 #!/bin/sh
 #
 # ztncui - ZeroTier network controller UI
 # Copyright (C) 2017-2019  Key Networks (https://key-networks.com)
 # Licensed under GPLv3 - see LICENSE for details.
 #

 TOKEN=`sudo cat /var/lib/zerotier-one/authtoken.secret`

 echo -e "This is the list of networks avaialble on this Network Controller:"
 curl -X GET -H "X-ZT1-Auth: $TOKEN" http://localhost:9993/controller/network

 echo -e "\n"
 read -p "Please enter network ID for application of rules: " NETWORK

 echo "Network is $NETWORK"

 echo -e "\n"
 read -p "Do you want to (a)pply or (r)eset the rules? [a/r]: " ACTION

 if [ "$ACTION" = "a" ]; then
  echo -e "Applying rules..."
  curl -X POST -H "X-ZT1-Auth: $TOKEN" -d '{"rules": [{"not":false,"or":false,"type":"MATCH_IP_DEST_PORT_RANGE","start":5353,"end":5353},{"not":false,"or":false,"type":"MATCH_IP_PROTOCOL","ipProtocol":17},{"type":"ACTION_DROP"},{"not":false,"or":false,"type":"MATCH_IPV4_DEST","ip":"224.0.0.251/32"},{"type":"ACTION_DROP"},{"not":false,"or":false,"type":"MATCH_MAC_SOURCE","mac":"01:00:5E:00:00:FB"},{"type":"ACTION_DROP"},{"type":"ACTION_ACCEPT"}]}' http://localhost:9993/controller/network/$NETWORK
 elif [ "$ACTION" = "r" ]; then
  echo -e "Resetting rules to accept all traffic..."
  curl -X POST -H "X-ZT1-Auth: $TOKEN" -d '{"rules": [{"not": false,"or": false,"type":"ACTION_ACCEPT"}]}' http://localhost:9993/controller/network/$NETWORK
 else
  echo -e "Invalid input: $ACTION"
  exit 1
 fi

 echo -e "The current configuration of network $NETWORK is:"
 curl -X GET -H "X-ZT1-Auth: $TOKEN" http://localhost:9993/controller/network/$NETWORK
	#!/bin/sh
	#
	# ztncui - ZeroTier network controller UI
	# Copyright (C) 2017-2019 Key Networks (https://key-networks.com)
	# Licensed under GPLv3 - see LICENSE for details.
	#

	TOKEN=`sudo cat /var/lib/zerotier-one/authtoken.secret`

	echo -e "This is the list of networks avaialble on this Network Controller:"
	curl -X GET -H "X-ZT1-Auth: $TOKEN" http://localhost:9993/controller/network

	echo -e "\n"
	read -p "Please enter network ID for application of rules: " NETWORK

	echo "Network is $NETWORK"

	echo -e "\n"
	read -p "Do you want to (a)pply or (r)eset the rules? [a/r]: " ACTION

	if [ "$ACTION" = "a" ]; then
	echo -e "Applying rules..."
	curl -X POST -H "X-ZT1-Auth: $TOKEN" -d '{"rules": [{"not":false,"or":false,"type":"MATCH_IP_DEST_PORT_RANGE","start":5353,"end":5353},{"not":false,"or":false,"type":"MATCH_IP_PROTOCOL","ipProtocol":17},{"type":"ACTION_DROP"},{"not":false,"or":false,"type":"MATCH_IPV4_DEST","ip":"224.0.0.251/32"},{"type":"ACTION_DROP"},{"not":false,"or":false,"type":"MATCH_MAC_SOURCE","mac":"01:00:5E:00:00:FB"},{"type":"ACTION_DROP"},{"type":"ACTION_ACCEPT"}]}' http://localhost:9993/controller/network/$NETWORK
	elif [ "$ACTION" = "r" ]; then
	echo -e "Resetting rules to accept all traffic..."
	curl -X POST -H "X-ZT1-Auth: $TOKEN" -d '{"rules": [{"not": false,"or": false,"type":"ACTION_ACCEPT"}]}' http://localhost:9993/controller/network/$NETWORK
	else
	echo -e "Invalid input: $ACTION"
	exit 1
	fi

	echo -e "The current configuration of network $NETWORK is:"
	curl -X GET -H "X-ZT1-Auth: $TOKEN" http://localhost:9993/controller/network/$NETWORK