OXIESEC PANEL
- Current Dir:
/
/
snap
/
core
/
17200
/
usr
/
sbin
Server IP: 139.59.38.164
Upload:
Create Dir:
Name
Size
Modified
Perms
📁
..
-
06/06/2024 02:31:58 PM
rwxr-xr-x
📄
aa-exec
22.16 KB
06/29/2023 11:30:47 AM
rwxr-xr-x
📄
aa-remove-unknown
2.86 KB
06/29/2023 11:30:39 AM
rwxr-xr-x
📄
aa-status
7.11 KB
06/29/2023 11:30:39 AM
rwxr-xr-x
📄
add-shell
695 bytes
01/26/2016 06:17:55 PM
rwxr-xr-x
📄
addgroup
36.4 KB
07/02/2015 08:11:22 PM
rwxr-xr-x
📄
adduser
36.4 KB
07/02/2015 08:11:22 PM
rwxr-xr-x
📄
apparmor_status
7.11 KB
06/29/2023 11:30:39 AM
rwxr-xr-x
📄
arp
54.09 KB
06/30/2014 01:19:24 PM
rwxr-xr-x
📄
arpd
46.74 KB
04/16/2019 12:37:11 PM
rwxr-xr-x
📄
chat
26.01 KB
07/23/2020 03:09:52 PM
rwxr-xr-x
📄
chgpasswd
53.33 KB
02/07/2024 10:59:49 AM
rwxr-xr-x
📄
chpasswd
49.43 KB
02/07/2024 10:59:49 AM
rwxr-xr-x
📄
chroot
38.8 KB
03/02/2017 06:07:22 PM
rwxr-xr-x
📄
cpgr
51.48 KB
02/07/2024 10:59:49 AM
rwxr-xr-x
📄
cppw
51.48 KB
02/07/2024 10:59:49 AM
rwxr-xr-x
📄
cron
43.43 KB
05/10/2022 10:15:25 PM
rwxr-xr-x
📄
delgroup
16.13 KB
07/02/2015 08:11:22 PM
rwxr-xr-x
📄
deluser
16.13 KB
07/02/2015 08:11:22 PM
rwxr-xr-x
📄
dnsmasq
379.6 KB
04/18/2023 08:21:30 AM
rwxr-xr-x
📄
dpkg-divert
0 bytes
01/01/1970 12:00:00 AM
---------
📄
dpkg-preconfigure
3.52 KB
05/08/2019 06:33:33 PM
rwxr-xr-x
📄
dpkg-reconfigure
4.23 KB
05/08/2019 06:33:33 PM
rwxr-xr-x
📄
dpkg-statoverride
0 bytes
01/01/1970 12:00:00 AM
---------
📄
e2freefrag
10.24 KB
06/03/2022 08:47:31 PM
rwxr-xr-x
📄
e4defrag
26.53 KB
06/03/2022 08:47:31 PM
rwxr-xr-x
📄
faillock
14.4 KB
02/02/2023 06:52:20 PM
rwxr-xr-x
📄
fanatic
35.21 KB
12/12/2017 04:13:01 PM
rwxr-xr-x
📄
fanctl
41.97 KB
04/23/2019 10:35:14 AM
rwxr-xr-x
📄
fdformat
22.57 KB
06/14/2022 09:28:54 PM
rwxr-xr-x
📄
filefrag
14.31 KB
06/03/2022 08:47:31 PM
rwxr-xr-x
📄
genl
46.69 KB
04/16/2019 12:37:11 PM
rwxr-xr-x
📄
groupadd
57.42 KB
02/07/2024 10:59:49 AM
rwxr-xr-x
📄
groupdel
65.83 KB
02/07/2024 10:59:49 AM
rwxr-xr-x
📄
groupmod
67.7 KB
02/07/2024 10:59:49 AM
rwxr-xr-x
📄
grpck
53.31 KB
02/07/2024 10:59:49 AM
rwxr-xr-x
📄
grpconv
49.19 KB
02/07/2024 10:59:49 AM
rwxr-xr-x
📄
grpunconv
49.2 KB
02/07/2024 10:59:49 AM
rwxr-xr-x
📄
iconvconfig
26.66 KB
11/28/2023 02:47:37 PM
rwxr-xr-x
📄
invoke-rc.d
19.41 KB
11/29/2016 05:28:22 PM
rwxr-xr-x
📄
ip6tables-apply
6.85 KB
02/19/2016 03:20:21 PM
rwxr-xr-x
📄
iptables-apply
6.85 KB
02/19/2016 03:20:21 PM
rwxr-xr-x
📄
ldattach
26.63 KB
06/14/2022 09:28:54 PM
rwxr-xr-x
📄
logrotate
63.11 KB
08/10/2017 03:16:07 PM
rwxr-xr-x
📄
mkinitramfs
10.24 KB
10/07/2019 10:53:35 AM
rwxr-xr-x
📄
mklost+found
10.25 KB
06/03/2022 08:47:31 PM
rwxr-xr-x
📄
netplan
17.94 KB
09/27/2019 04:27:57 PM
rwxr-xr-x
📄
newusers
73.84 KB
02/07/2024 10:59:49 AM
rwxr-xr-x
📄
nfnl_osf
14.37 KB
02/19/2016 03:21:11 PM
rwxr-xr-x
📄
nologin
5.95 KB
02/07/2024 10:59:50 AM
rwxr-xr-x
📄
pam-auth-update
19.09 KB
02/02/2023 06:50:45 PM
rwxr-xr-x
📄
pam_getenv
2.82 KB
02/02/2023 06:50:45 PM
rwxr-xr-x
📄
pam_timestamp_check
10.38 KB
02/02/2023 06:52:20 PM
rwxr-xr-x
📄
pppd
385.73 KB
07/23/2020 03:09:52 PM
rwxr-xr--
📄
pppdump
18.1 KB
07/23/2020 03:09:52 PM
rwxr-xr-x
📄
pppoe-discovery
18 KB
07/23/2020 03:09:52 PM
rwxr-xr-x
📄
pppstats
13.99 KB
07/23/2020 03:09:51 PM
rwxr-xr-x
📄
pwck
45.36 KB
02/07/2024 10:59:49 AM
rwxr-xr-x
📄
pwconv
41.27 KB
02/07/2024 10:59:49 AM
rwxr-xr-x
📄
pwunconv
36.43 KB
02/07/2024 10:59:49 AM
rwxr-xr-x
📄
readprofile
14.52 KB
06/14/2022 09:28:54 PM
rwxr-xr-x
📄
remove-shell
749 bytes
01/26/2016 06:17:55 PM
rwxr-xr-x
📄
rfkill
10.29 KB
06/20/2018 11:54:19 AM
rwxr-xr-x
📄
rmt
54.95 KB
12/06/2023 12:12:24 PM
rwxr-xr-x
📄
rmt-tar
54.95 KB
12/06/2023 12:12:24 PM
rwxr-xr-x
📄
rsyslogd
585.28 KB
05/23/2022 05:31:02 PM
rwxr-xr-x
📄
rtcwake
38.8 KB
06/14/2022 09:28:54 PM
rwxr-xr-x
📄
service
9.82 KB
09/12/2016 08:57:57 AM
rwxr-xr-x
📄
setvesablank
10.27 KB
09/22/2016 05:33:23 PM
rwxr-xr-x
📄
sshd
772.48 KB
01/09/2024 03:07:56 PM
rwxr-xr-x
📄
tarcat
936 bytes
12/06/2023 12:12:23 PM
rwxr-xr-x
📄
tunelp
22.53 KB
06/14/2022 09:28:54 PM
rwxr-xr-x
📄
tzconfig
106 bytes
01/03/2024 12:40:26 PM
rwxr-xr-x
📄
update-alternatives
46.61 KB
05/27/2022 10:37:03 AM
rwxr-xr-x
📄
update-ca-certificates
5.25 KB
05/24/2023 12:18:18 PM
rwxr-xr-x
📄
update-initramfs
8.38 KB
10/07/2019 10:53:35 AM
rwxr-xr-x
📄
update-mime
8.84 KB
10/30/2015 03:39:30 PM
rwxr-xr-x
📄
update-passwd
30.41 KB
01/02/2016 11:13:25 PM
rwxr-xr-x
📄
update-rc.d
14.1 KB
02/29/2016 12:24:38 PM
rwxr-xr-x
📄
useradd
118.72 KB
02/07/2024 10:59:49 AM
rwxr-xr-x
📄
userdel
81.92 KB
02/07/2024 10:59:49 AM
rwxr-xr-x
📄
usermod
118.5 KB
02/07/2024 10:59:49 AM
rwxr-xr-x
📄
vcstime
6.26 KB
09/22/2016 05:33:23 PM
rwxr-xr-x
📄
vigr
55.7 KB
02/07/2024 10:59:49 AM
rwxr-xr-x
📄
vipw
55.7 KB
02/07/2024 10:59:49 AM
rwxr-xr-x
📄
visudo
187.89 KB
05/24/2023 01:48:57 PM
rwxr-xr-x
📄
zic
50.54 KB
11/28/2023 02:47:37 PM
rwxr-xr-x
Editing: iptables-apply
Close
#!/bin/bash # iptables-apply -- a safer way to update iptables remotely # # Usage: # iptables-apply [-hV] [-t timeout] [-w savefile] {[rulesfile]|-c [runcmd]} # # Versions: # * 1.0 Copyright 2006 Martin F. Krafft <madduck@madduck.net> # Original version # * 1.1 Copyright 2010 GW <gw.2010@tnode.com or http://gw.tnode.com/> # Added parameter -c (run command) # Added parameter -w (save successfully applied rules to file) # Major code cleanup # # Released under the terms of the Artistic Licence 2.0 # set -eu PROGNAME="${0##*/}" VERSION=1.1 ### Default settings DEF_TIMEOUT=10 MODE=0 # apply rulesfile mode # MODE=1 # run command mode case "$PROGNAME" in (*6*) SAVE=ip6tables-save RESTORE=ip6tables-restore DEF_RULESFILE="/etc/network/ip6tables.up.rules" DEF_SAVEFILE="$DEF_RULESFILE" DEF_RUNCMD="/etc/network/ip6tables.up.run" ;; (*) SAVE=iptables-save RESTORE=iptables-restore DEF_RULESFILE="/etc/network/iptables.up.rules" DEF_SAVEFILE="$DEF_RULESFILE" DEF_RUNCMD="/etc/network/iptables.up.run" ;; esac ### Functions function blurb() { cat <<-__EOF__ $PROGNAME $VERSION -- a safer way to update iptables remotely __EOF__ } function copyright() { cat <<-__EOF__ $PROGNAME has been published under the terms of the Artistic Licence 2.0. Original version - Copyright 2006 Martin F. Krafft <madduck@madduck.net>. Version 1.1 - Copyright 2010 GW <gw.2010@tnode.com or http://gw.tnode.com/>. __EOF__ } function about() { blurb echo copyright } function usage() { blurb echo cat <<-__EOF__ Usage: $PROGNAME [-hV] [-t timeout] [-w savefile] {[rulesfile]|-c [runcmd]} The script will try to apply a new rulesfile (as output by iptables-save, read by iptables-restore) or run a command to configure iptables and then prompt the user whether the changes are okay. If the new iptables rules cut the existing connection, the user will not be able to answer affirmatively. In this case, the script rolls back to the previous working iptables rules after the timeout expires. Successfully applied rules can also be written to savefile and later used to roll back to this state. This can be used to implement a store last good configuration mechanism when experimenting with an iptables setup script: $PROGNAME -w $DEF_SAVEFILE -c $DEF_RUNCMD When called as ip6tables-apply, the script will use ip6tables-save/-restore and IPv6 default values instead. Default value for rulesfile is '$DEF_RULESFILE'. Options: -t seconds, --timeout seconds Specify the timeout in seconds (default: $DEF_TIMEOUT). -w savefile, --write savefile Specify the savefile where successfully applied rules will be written to (default if empty string is given: $DEF_SAVEFILE). -c runcmd, --command runcmd Run command runcmd to configure iptables instead of applying a rulesfile (default: $DEF_RUNCMD). -h, --help Display this help text. -V, --version Display version information. __EOF__ } function checkcommands() { for cmd in "${COMMANDS[@]}"; do if ! command -v "$cmd" >/dev/null; then echo "Error: needed command not found: $cmd" >&2 exit 127 fi done } function revertrules() { echo -n "Reverting to old iptables rules... " "$RESTORE" <"$TMPFILE" echo "done." } ### Parsing and checking parameters TIMEOUT="$DEF_TIMEOUT" SAVEFILE="" SHORTOPTS="t:w:chV"; LONGOPTS="timeout:,write:,command,help,version"; OPTS=$(getopt -s bash -o "$SHORTOPTS" -l "$LONGOPTS" -n "$PROGNAME" -- "$@") || exit $? for opt in $OPTS; do case "$opt" in (-*) unset OPT_STATE ;; (*) case "${OPT_STATE:-}" in (SET_TIMEOUT) eval TIMEOUT=$opt;; (SET_SAVEFILE) eval SAVEFILE=$opt [ -z "$SAVEFILE" ] && SAVEFILE="$DEF_SAVEFILE" ;; esac ;; esac case "$opt" in (-t|--timeout) OPT_STATE="SET_TIMEOUT";; (-w|--write) OPT_STATE="SET_SAVEFILE";; (-c|--command) MODE=1;; (-h|--help) usage >&2; exit 0;; (-V|--version) about >&2; exit 0;; (--) break;; esac shift done # Validate parameters if [ "$TIMEOUT" -ge 0 ] 2>/dev/null; then TIMEOUT=$(($TIMEOUT)) else echo "Error: timeout must be a positive number" >&2 exit 1 fi if [ -n "$SAVEFILE" -a -e "$SAVEFILE" -a ! -w "$SAVEFILE" ]; then echo "Error: savefile not writable: $SAVEFILE" >&2 exit 8 fi case "$MODE" in (1) # Treat parameter as runcmd (run command mode) RUNCMD="${1:-$DEF_RUNCMD}" if [ ! -x "$RUNCMD" ]; then echo "Error: runcmd not executable: $RUNCMD" >&2 exit 6 fi # Needed commands COMMANDS=(mktemp "$SAVE" "$RESTORE" "$RUNCMD") checkcommands ;; (*) # Treat parameter as rulesfile (apply rulesfile mode) RULESFILE="${1:-$DEF_RULESFILE}"; if [ ! -r "$RULESFILE" ]; then echo "Error: rulesfile not readable: $RULESFILE" >&2 exit 2 fi # Needed commands COMMANDS=(mktemp "$SAVE" "$RESTORE") checkcommands ;; esac ### Begin work # Store old iptables rules to temporary file TMPFILE=`mktemp /tmp/$PROGNAME-XXXXXXXX` trap "rm -f $TMPFILE" EXIT 1 2 3 4 5 6 7 8 10 11 12 13 14 15 if ! "$SAVE" >"$TMPFILE"; then # An error occured if ! grep -q ipt /proc/modules 2>/dev/null; then echo "Error: iptables support lacking from the kernel" >&2 exit 3 else echo "Error: unknown error saving old iptables rules: $TMPFILE" >&2 exit 4 fi fi # Legacy to stop the fail2ban daemon if present [ -x /etc/init.d/fail2ban ] && /etc/init.d/fail2ban stop # Configure iptables case "$MODE" in (1) # Run command in background and kill it if it times out echo -n "Running command '$RUNCMD'... " "$RUNCMD" & CMD_PID=$! ( sleep "$TIMEOUT"; kill "$CMD_PID" 2>/dev/null; exit 0 ) & CMDTIMEOUT_PID=$! if ! wait "$CMD_PID"; then echo "failed." echo "Error: unknown error running command: $RUNCMD" >&2 revertrules exit 7 else echo "done." fi ;; (*) # Apply iptables rulesfile echo -n "Applying new iptables rules from '$RULESFILE'... " if ! "$RESTORE" <"$RULESFILE"; then echo "failed." echo "Error: unknown error applying new iptables rules: $RULESFILE" >&2 revertrules exit 5 else echo "done." fi ;; esac # Prompt user for confirmation echo -n "Can you establish NEW connections to the machine? (y/N) " read -n1 -t "$TIMEOUT" ret 2>&1 || : case "${ret:-}" in (y*|Y*) # Success echo if [ ! -z "$SAVEFILE" ]; then # Write successfully applied rules to the savefile echo "Writing successfully applied rules to '$SAVEFILE'..." if ! "$SAVE" >"$SAVEFILE"; then echo "Error: unknown error writing successfully applied rules: $SAVEFILE" >&2 exit 9 fi fi echo "... then my job is done. See you next time." ;; (*) # Failed echo if [ -z "${ret:-}" ]; then echo "Timeout! Something happened (or did not). Better play it safe..." else echo "No affirmative response! Better play it safe..." fi revertrules exit 255 ;; esac # Legacy to start the fail2ban daemon again [ -x /etc/init.d/fail2ban ] && /etc/init.d/fail2ban start exit 0 # vim:noet:sw=8