Nano/lazy
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Compare commits

base: Nano:2aeb16e9f77b37fbea1d82eabad91487f25e2e60
Branches Tags
Nano:main
..
compare: Nano:5b8c71265bf6fef95e09efe0436bf9719c1945ab
Branches Tags
Nano:main

No commits in common. "2aeb16e9f77b37fbea1d82eabad91487f25e2e60" and "5b8c71265bf6fef95e09efe0436bf9719c1945ab" have entirely different histories.
2aeb16e9f7 ... 5b8c71265b

5 changed files with 41 additions and 44 deletions
Show Stats Expand all files Collapse all files

80
configure_priv.sh
View File

@ -353,49 +353,49 @@ configure_fail2ban() {
fi fi
} }
# configure_iptables() { configure_iptables() {
# [ $offline -eq 1 ] && return [ $offline -eq 1 ] && return
# [ "$(uname)" = "Darwin" ] && return [ "$(uname)" = "Darwin" ] && return
# # 如果 ufw 是 active就直接返回 # 如果 ufw 是 active就直接返回
# if command_exists ufw; then if command_exists ufw; then
# if sudo ufw status | grep -q "Status: active"; then if sudo ufw status | grep -q "Status: active"; then
# echo "检测到 ufw 已启用,跳过 iptables 配置。" echo "检测到 ufw 已启用,跳过 iptables 配置。"
# return return
# fi fi
# if confirm_action "检测到 ufw 已存在,是否直接使用 ufw 进行管理,跳过 iptables" "Y"; then if confirm_action "检测到 ufw 已存在,是否直接使用 ufw 进行管理,跳过 iptables" "Y"; then
# return return
# fi fi
# fi fi
# if command_exists ifquery && systemctl is-active --quiet networking; then if command_exists ifquery && systemctl is-active --quiet networking; then
# # ifupdown: /etc/network/if-pre-up.d/iptables-load # ifupdown: /etc/network/if-pre-up.d/iptables-load
# [ -f /etc/network/if-pre-up.d/iptables-load ] && return [ -f /etc/network/if-pre-up.d/iptables-load ] && return
# if confirm_action "要配置 iptables 吗?" "N"; then if confirm_action "要配置 iptables 吗?" "N"; then
# sudo cp $scriptdir/files/iptables-load /etc/network/if-pre-up.d/iptables-load sudo cp $scriptdir/files/iptables-load /etc/network/if-pre-up.d/iptables-load
# sudo chmod +x /etc/network/if-pre-up.d/iptables-load sudo chmod +x /etc/network/if-pre-up.d/iptables-load
# sudo sh /etc/network/if-pre-up.d/iptables-load sudo sh /etc/network/if-pre-up.d/iptables-load
# fi fi
# else else
# # systemd: /etc/network/iptables-load # systemd: /etc/network/iptables-load
# [ -f /etc/network/iptables-load ] && return [ -f /etc/network/iptables-load ] && return
# if confirm_action "要配置 iptables 吗?" "N"; then if confirm_action "要配置 iptables 吗?" "N"; then
# if [ -f /etc/network/if-pre-up.d/iptables-load ]; then if [ -f /etc/network/if-pre-up.d/iptables-load ]; then
# sudo mv /etc/network/if-pre-up.d/iptables-load /etc/network/iptables-load sudo mv /etc/network/if-pre-up.d/iptables-load /etc/network/iptables-load
# else else
# sudo cp $scriptdir/files/iptables-load /etc/network/iptables-load sudo cp $scriptdir/files/iptables-load /etc/network/iptables-load
# sudo chmod +x /etc/network/iptables-load sudo chmod +x /etc/network/iptables-load
# sudo sh /etc/network/iptables-load sudo sh /etc/network/iptables-load
# fi fi
# sudo cp $scriptdir/files/iptables-load.service /etc/systemd/system/iptables-load.service sudo cp $scriptdir/files/iptables-load.service /etc/systemd/system/iptables-load.service
# sudo chmod +x /etc/systemd/system/iptables-load.service sudo chmod +x /etc/systemd/system/iptables-load.service
# sudo systemctl daemon-reload sudo systemctl daemon-reload
# sudo systemctl start iptables-load.service sudo systemctl start iptables-load.service
# sudo systemctl enable iptables-load.service sudo systemctl enable iptables-load.service
# fi fi
# fi fi
# } }
configure_ufw() { configure_ufw() {
[ $offline -eq 1 ] && return [ $offline -eq 1 ] && return

0
files/.archived/iptables-load → files/iptables-load
View File

0
files/.archived/iptables-load.service → files/iptables-load.service
View File

3
files/jail.local
View File

@ -11,9 +11,6 @@ maxretry = 5
# banaction = firewallcmd-ipset # banaction = firewallcmd-ipset
# action = %(action_mwl)s # action = %(action_mwl)s
banaction = nftables
banaction_allports = nftables[type=allports]
[sshd] [sshd]
enabled = true enabled = true
filter = sshd filter = sshd

2
files/zsh/51-alias.zsh
View File

@ -13,7 +13,7 @@ alias hg='history | grep'
command_exists() { command -v "$@" >/dev/null 2>&1; } command_exists() { command -v "$@" >/dev/null 2>&1; }
if command_exists iptables; then if command_exists iptables; then
alias ipl='sudo iptables -L -n -v' alias ipl='sudo iptables -L -n'
if [ -f "/etc/network/iptables-load" ]; then if [ -f "/etc/network/iptables-load" ]; then
alias ipe='sudo vi /etc/network/iptables-load' alias ipe='sudo vi /etc/network/iptables-load'
alias ips='sudo /etc/network/iptables-load' alias ips='sudo /etc/network/iptables-load'