mirror of
https://github.com/tommytran732/Pterodactyl-Script
synced 2024-11-22 18:41:32 -05:00
Remove useless firewall rules
This commit is contained in:
parent
09209f58bb
commit
20cd9681e6
24
install.sh
24
install.sh
@ -14,7 +14,7 @@ PHPMYADMIN=5.1.1
|
|||||||
|
|
||||||
preflight(){
|
preflight(){
|
||||||
output "Pterodactyl Installation & Upgrade Script"
|
output "Pterodactyl Installation & Upgrade Script"
|
||||||
output "Copyright © 2020 Thien Tran <contact@tommytran.io>."
|
output "Copyright © 2021 Thien Tran <contact@tommytran.io>."
|
||||||
output "Please join my Matrix for community support: https://matrix.to/#/#tommytran732:matrix.org"
|
output "Please join my Matrix for community support: https://matrix.to/#/#tommytran732:matrix.org"
|
||||||
output ""
|
output ""
|
||||||
|
|
||||||
@ -825,9 +825,8 @@ firewall(){
|
|||||||
yum -y install iptables
|
yum -y install iptables
|
||||||
fi
|
fi
|
||||||
|
|
||||||
curl -sSL https://raw.githubusercontent.com/tommytran732/Anti-DDOS-Iptables/master/iptables-no-prompt.sh | sudo bash
|
|
||||||
block_icmp
|
block_icmp
|
||||||
javapipe_kernel
|
|
||||||
output "Setting up Fail2Ban..."
|
output "Setting up Fail2Ban..."
|
||||||
if [ "$lsb_dist" = "ubuntu" ] || [ "$lsb_dist" = "debian" ]; then
|
if [ "$lsb_dist" = "ubuntu" ] || [ "$lsb_dist" = "debian" ]; then
|
||||||
apt -y install fail2ban
|
apt -y install fail2ban
|
||||||
@ -899,7 +898,7 @@ block_icmp(){
|
|||||||
1 ) if [ "$lsb_dist" = "ubuntu" ] || [ "$lsb_dist" = "debian" ]; then
|
1 ) if [ "$lsb_dist" = "ubuntu" ] || [ "$lsb_dist" = "debian" ]; then
|
||||||
sed -i '/ufw-before-input.*icmp/s/ACCEPT/DROP/g' /etc/ufw/before.rules
|
sed -i '/ufw-before-input.*icmp/s/ACCEPT/DROP/g' /etc/ufw/before.rules
|
||||||
sudo ufw reload
|
sudo ufw reload
|
||||||
elif [ "$lsb_dist" = "centos" ] || [ "$lsb_dist" = "fedora" ] || [ "$lsb_dist" = "rhel" ]; then
|
elif [ "$lsb_dist" = "centos" ] || [ "$lsb_dist" = "fedora" ] || [ "$lsb_dist" = "rhel" ] || [ "$lsb_dist" = "rocky" ]; then
|
||||||
firewall-cmd --permanent --add-icmp-block-inversion
|
firewall-cmd --permanent --add-icmp-block-inversion
|
||||||
firewall-cmd --reload
|
firewall-cmd --reload
|
||||||
fi
|
fi
|
||||||
@ -911,21 +910,6 @@ block_icmp(){
|
|||||||
esac
|
esac
|
||||||
}
|
}
|
||||||
|
|
||||||
javapipe_kernel(){
|
|
||||||
output "Apply JavaPipe's kernel configurations (https://javapipe.com/blog/iptables-ddos-protection)?"
|
|
||||||
output "[1] Yes."
|
|
||||||
output "[2] No."
|
|
||||||
read javapipe
|
|
||||||
case $javapipe in
|
|
||||||
1) sh -c "$(curl -sSL https://raw.githubusercontent.com/tommytran732/Anti-DDOS-Iptables/master/javapipe_kernel.sh)"
|
|
||||||
;;
|
|
||||||
2) output "JavaPipe kernel modifications not applied."
|
|
||||||
;;
|
|
||||||
* ) output "You did not enter a valid selection."
|
|
||||||
javapipe_kernel
|
|
||||||
esac
|
|
||||||
}
|
|
||||||
|
|
||||||
install_database() {
|
install_database() {
|
||||||
if [ "$lsb_dist" = "ubuntu" ] || [ "$lsb_dist" = "debian" ]; then
|
if [ "$lsb_dist" = "ubuntu" ] || [ "$lsb_dist" = "debian" ]; then
|
||||||
apt -y install mariadb-server
|
apt -y install mariadb-server
|
||||||
@ -974,7 +958,7 @@ install_database() {
|
|||||||
|
|
||||||
if [ "$lsb_dist" = "ubuntu" ] || [ "$lsb_dist" = "debian" ]; then
|
if [ "$lsb_dist" = "ubuntu" ] || [ "$lsb_dist" = "debian" ]; then
|
||||||
yes | ufw allow 3306
|
yes | ufw allow 3306
|
||||||
elif [ "$lsb_dist" = "centos" ] || [ "$lsb_dist" = "fedora" ] || [ "$lsb_dist" = "rhel" ]; then
|
elif [ "$lsb_dist" = "centos" ] || [ "$lsb_dist" = "fedora" ] || [ "$lsb_dist" = "rhel" ] || [ "$lsb_dist" = "rocky" ]; then
|
||||||
firewall-cmd --permanent --add-service=mysql
|
firewall-cmd --permanent --add-service=mysql
|
||||||
firewall-cmd --reload
|
firewall-cmd --reload
|
||||||
fi
|
fi
|
||||||
|
Loading…
Reference in New Issue
Block a user