author | Casper <me@skylarcloud.xyz> | 2024-12-23 17:13:45 -0700 |
---|---|---|
committer | Casper <me@skylarcloud.xyz> | 2024-12-23 17:13:45 -0700 |
commit | 01a33ab0913d439150065ac23644c4f140ff8917 (patch) | |
tree | 9ad71bd7e6f5a5aad2c2cdbff4bb75de12565998 /qmenu/qmenu_vm/fqvm_firewall | |
parent | 7b5a0e9e88f015cb68a46bb657661f4663e287af (diff) |
added qmenu!
Diffstat (limited to 'qmenu/qmenu_vm/fqvm_firewall')
-rw-r--r-- | qmenu/qmenu_vm/fqvm_firewall | 81 |
1 files changed, 81 insertions, 0 deletions
diff --git a/qmenu/qmenu_vm/fqvm_firewall b/qmenu/qmenu_vm/fqvm_firewall
new file mode 100644
index 0000000..357ff28
--- /dev/null
+++ b/qmenu/qmenu_vm/fqvm_firewall
@@ -0,0 +1,81 @@
+rulenumber=1
+
+while [ -n "$rulenumber" ]; do
+
+ rulenumber=$(qvm-firewall "$qube" list | dmenu-unlinked -l 50 -p "$qube:" | cut -f1 -d\ )
+
+ if [ "$(echo "$rulenumber" | wc -w)" -eq 1 ]; then
+
+ # This will equal "NO" if the user selects the top row,
+ # instead of any existing rule.
+ if [ "$rulenumber" != NO ]; then
+
+ option=$(printf "Add new rule above rule $rulenumber\nRemove rule $rulenumber" | dmenu-unlinked -i -l 2 -p "$qube:" | cut -f1 -d\ )
+ else
+ option=Add
+ fi
+
+ if [ "$option" = Remove ]; then
+
+ nyprompt "Remove rule $rulenumber?" &&
+
+ qvm-firewall "$qube" del --rule-no "$rulenumber"
+
+ elif [ "$option" = Add ]; then
+
+ [ -n "$RULEARGS" ] && unset RULEARGS
+
+ action=$(printf 'Accept\nDrop' | dmenu-unlinked -i -l 2 -p "Select action for the new firewall rule:" | awk '{print tolower($0)}')
+
+ if [ -n "$action" ]; then
+
+ # Prompt the user to escape matches they want to leave empty. Leaving a match empty by pressing <Return> will prevent the rule from being created.
+ echo Continue... | dmenu-unlinked -p 'You will now be prompted to select the matches for the new rule. Please skip matches that you want to leave empty by escaping with <Escape> or <C-c>.' > /dev/null 2>&1
+
+ RULEARGS="$action"
+
+ specialtarget=$(: | dmenu-unlinked -p "ACTION=$RULEARGS <specialtarget>") &&
+
+ RULEARGS="$RULEARGS SPECIALTARGET=$specialtarget"
+
+ dsthost=$(: | dmenu-unlinked -p "ACTION=$RULEARGS <dsthost>") &&
+
+ RULEARGS="$RULEARGS DSTHOST=$dsthost"
+
+ proto=$(printf 'tcp\nudp\nicmp' | dmenu-unlinked -l 3 -p "ACTION=$RULEARGS <proto>") &&
+
+ RULEARGS="$RULEARGS PROTO=$proto"
+
+ if [ "$proto" = tcp ] || [ "$proto" = udp ]; then
+
+ dstports=$(: | dmenu-unlinked -p "ACTION=$RULEARGS <dstports>") &&
+
+ RULEARGS="$RULEARGS DSTPORTS=$dstports"
+
+ elif [ "$proto" = icmp ]; then
+
+ icmptype=$(: | dmenu-unlinked -p "ACTION=$RULEARGS <icmptype>") &&
+
+ RULEARGS="$RULEARGS ICMPTYPE=$icmptype"
+ fi
+
+ comment=$(: | dmenu-unlinked -p "ACTION=$RULEARGS <comment>") &&
+
+ RULEARGS="$RULEARGS COMMENT=$comment"
+
+ if nyprompt "Add the following rule to $qube? {{ ACTION=$RULEARGS }}"; then
+
+ [ -n "$beforerule" ] && unset beforerule
+
+ [ "$rulenumber" != NO ] && beforerule=$(echo --before "$rulenumber")
+
+ RULEARGS=$(echo "$RULEARGS" | awk '{print tolower($0)}')
+
+ qvm-firewall "$qube" add $beforerule $RULEARGS ||
+
+ echo Go back... | dmenu-unlinked -p 'Error: Failed to add firewall rule! See 'qvm-firewall --help' for more information.' > /dev/null 2>&1
+ fi
+ fi
+ fi
+ fi
+done
|
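Review bot: The call `qvm-firewall "$qube" add $beforerule $RULEARGS` expands a string built from free-text dmenu input without quotes, so a comment or host value containing a space is split into extra rule arguments and any `*` or `?` is globbed against the current directory; the rule that reaches qvm-firewall can then differ from what the user meant to enter and confirmed in the prompt. The whole-string `tolower` pass just before it also rewrites the comment text. Since the file uses plain `[` tests and may be run by a POSIX sh, I would collect the arguments in the positional parameters and pass `"$@"`, as sketched below; if this file is sourced into a caller that still needs its own arguments, the same pattern belongs inside a function. Separately, `$rulenumber` is interpolated into the printf format string on the `option=` line, where `printf 'Add new rule above rule %s\nRemove rule %s' "$rulenumber" "$rulenumber"` keeps list output out of the format.

```shell
# … unchanged: action prompt and the "Continue..." notice …
set -- "$action"

specialtarget=$(: | dmenu-unlinked -p "ACTION=$* <specialtarget>") &&
  set -- "$@" "specialtarget=$specialtarget"

dsthost=$(: | dmenu-unlinked -p "ACTION=$* <dsthost>") &&
  set -- "$@" "dsthost=$dsthost"

# … same pattern for proto, dstports, icmptype and comment …

if nyprompt "Add the following rule to $qube? {{ ACTION=$* }}"; then
  # Prepend the position as two separate words instead of a pre-joined string.
  if [ "$rulenumber" != NO ]; then
    set -- --before "$rulenumber" "$@"
  fi

  qvm-firewall "$qube" add "$@" ||
  # … unchanged: error notice via dmenu-unlinked …
```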