Procházet zdrojové kódy

Move ping enable/disable to security menu

Bob Mottram před 7 roky
rodič
revize
24c39e1d07
2 změnil soubory, kde provedl 79 přidání a 76 odebrání
  1. 23
    49
      src/freedombone-controlpanel
  2. 56
    27
      src/freedombone-sec

+ 23
- 49
src/freedombone-controlpanel Zobrazit soubor

@@ -1085,30 +1085,6 @@ function restore_data_remote {
1085 1085
     rm -f "$data"
1086 1086
 }
1087 1087
 
1088
-function ping_enable_disable {
1089
-    ping_str=$"\\nDo you want to enable other systems to ping this machine?\\n\\nPing may be useful for diagnostic purposes, but for added security you may not want to enable it."
1090
-    enable_ping="no"
1091
-    dialog --title $"Enable Ping / ICMP" \
1092
-           --backtitle $"Freedombone Control Panel" \
1093
-           --defaultno \
1094
-           --yesno "$ping_str" 10 60
1095
-    sel=$?
1096
-    case $sel in
1097
-        0) enable_ping="yes";;
1098
-        255) return;;
1099
-    esac
1100
-
1101
-    if [[ $enable_ping == "yes" ]]; then
1102
-        iptables -A INPUT -p icmp --icmp-type echo-request -j ACCEPT
1103
-        iptables -A OUTPUT -p icmp --icmp-type echo-reply -j ACCEPT
1104
-        echo "0" >  /proc/sys/net/ipv4/icmp_echo_ignore_all
1105
-    else
1106
-        iptables -D INPUT -p icmp --icmp-type echo-request -j ACCEPT
1107
-        iptables -D OUTPUT -p icmp --icmp-type echo-reply -j ACCEPT
1108
-        echo "1" >  /proc/sys/net/ipv4/icmp_echo_ignore_all
1109
-    fi
1110
-}
1111
-
1112 1088
 function logging_on_off {
1113 1089
     logging="no"
1114 1090
     dialog --title $"Logging" \
@@ -1976,21 +1952,20 @@ function menu_top_level {
1976 1952
            3 $"App Settings"
1977 1953
            4 $"Add/Remove Apps"
1978 1954
            5 $"Logging on/off"
1979
-           6 $"Ping enable/disable"
1980
-           7 $"Manage Users"
1981
-           8 $"Email Menu"
1982
-           9 $"Domain or User Blocking"
1983
-           10 $"Security Settings"
1984
-           11 $"Change the name of this system"
1985
-           12 $"Set a static local IP address"
1986
-           13 $"Wifi menu"
1987
-           14 $"Add Clacks"
1988
-           15 $"Check for updates"
1989
-           16 $"Power off the system"
1990
-           17 $"Restart the system")
1955
+           6 $"Manage Users"
1956
+           7 $"Email Menu"
1957
+           8 $"Domain or User Blocking"
1958
+           9 $"Security Settings"
1959
+           10 $"Change the name of this system"
1960
+           11 $"Set a static local IP address"
1961
+           12 $"Wifi menu"
1962
+           13 $"Add Clacks"
1963
+           14 $"Check for updates"
1964
+           15 $"Power off the system"
1965
+           16 $"Restart the system")
1991 1966
 
1992 1967
         # shellcheck disable=SC2068
1993
-        selection=$(dialog --backtitle $"Freedombone Administrator Control Panel" --title $"Administrator Control Panel" --menu $"Choose an operation, or ESC to exit:" 25 60 25 "${W[@]}" 3>&2 2>&1 1>&3)
1968
+        selection=$(dialog --backtitle $"Freedombone Administrator Control Panel" --title $"Administrator Control Panel" --menu $"Choose an operation, or ESC to exit:" 24 60 24 "${W[@]}" 3>&2 2>&1 1>&3)
1994 1969
 
1995 1970
         if [ ! "$selection" ]; then
1996 1971
             break
@@ -2007,18 +1982,17 @@ function menu_top_level {
2007 1982
                fi
2008 1983
                ;;
2009 1984
             5) logging_on_off;;
2010
-            6) ping_enable_disable;;
2011
-            7) menu_users;;
2012
-            8) menu_email;;
2013
-            9) domain_blocking;;
2014
-            10) security_settings;;
2015
-            11) change_system_name;;
2016
-            12) set_static_IP;;
2017
-            13) menu_wifi;;
2018
-            14) add_clacks;;
2019
-            15) check_for_updates;;
2020
-            16) shut_down_system;;
2021
-            17) restart_system;;
1985
+            6) menu_users;;
1986
+            7) menu_email;;
1987
+            8) domain_blocking;;
1988
+            9) security_settings;;
1989
+            10) change_system_name;;
1990
+            11) set_static_IP;;
1991
+            12) menu_wifi;;
1992
+            13) add_clacks;;
1993
+            14) check_for_updates;;
1994
+            15) shut_down_system;;
1995
+            16) restart_system;;
2022 1996
         esac
2023 1997
     done
2024 1998
 }

+ 56
- 27
src/freedombone-sec Zobrazit soubor

@@ -69,6 +69,30 @@ LETSENCRYPT_SERVER='https://acme-v01.api.letsencrypt.org/directory'
69 69
 
70 70
 MY_USERNAME=
71 71
 
72
+function ping_enable_disable {
73
+    ping_str=$"\\nDo you want to enable other systems to ping this machine?\\n\\nPing may be useful for diagnostic purposes, but for added security you may not want to enable it."
74
+    enable_ping="no"
75
+    dialog --title $"Enable Ping / ICMP" \
76
+           --backtitle $"Freedombone Control Panel" \
77
+           --defaultno \
78
+           --yesno "$ping_str" 10 60
79
+    sel=$?
80
+    case $sel in
81
+        0) enable_ping="yes";;
82
+        255) return;;
83
+    esac
84
+
85
+    if [[ $enable_ping == "yes" ]]; then
86
+        iptables -A INPUT -p icmp --icmp-type echo-request -j ACCEPT
87
+        iptables -A OUTPUT -p icmp --icmp-type echo-reply -j ACCEPT
88
+        echo "0" >  /proc/sys/net/ipv4/icmp_echo_ignore_all
89
+    else
90
+        iptables -D INPUT -p icmp --icmp-type echo-request -j ACCEPT
91
+        iptables -D OUTPUT -p icmp --icmp-type echo-reply -j ACCEPT
92
+        echo "1" >  /proc/sys/net/ipv4/icmp_echo_ignore_all
93
+    fi
94
+}
95
+
72 96
 function any_key_verify {
73 97
     echo ''
74 98
     read -n1 -rsp $"Press any key to continue or C to check a hash..." key
@@ -1177,20 +1201,21 @@ function menu_security_settings {
1177 1201
        3 $"Fix STIG test failures"
1178 1202
        4 $"Show tripwire verification code"
1179 1203
        5 $"Reset tripwire"
1180
-       6 $"Show ssh host public key"
1181
-       7 $"Tor bridges"
1182
-       8 $"Password storage"
1183
-       9 $"Export passwords"
1184
-       10 $"Regenerate ssh host keys"
1185
-       11 $"Regenerate Diffie-Hellman keys"
1186
-       12 $"Update cipersuite"
1187
-       13 $"Create a new Let's Encrypt certificate"
1188
-       14 $"Renew Let's Encrypt certificate"
1189
-       15 $"Delete a Let's Encrypt certificate"
1190
-       16 $"Enable GPG based authentication (monkeysphere)"
1191
-       17 $"Register a website with monkeysphere"
1192
-       18 $"Allow ssh login with passwords"
1193
-       19 $"Show firewall")
1204
+       6 $"Enable or disable ping"
1205
+       7 $"Show ssh host public key"
1206
+       8 $"Tor bridges"
1207
+       9 $"Password storage"
1208
+       10 $"Export passwords"
1209
+       11 $"Regenerate ssh host keys"
1210
+       12 $"Regenerate Diffie-Hellman keys"
1211
+       13 $"Update cipersuite"
1212
+       14 $"Create a new Let's Encrypt certificate"
1213
+       15 $"Renew Let's Encrypt certificate"
1214
+       16 $"Delete a Let's Encrypt certificate"
1215
+       17 $"Enable GPG based authentication (monkeysphere)"
1216
+       18 $"Register a website with monkeysphere"
1217
+       19 $"Allow ssh login with passwords"
1218
+       20 $"Show firewall")
1194 1219
 
1195 1220
     # shellcheck disable=SC2068
1196 1221
     selection=$(dialog --backtitle $"Freedombone Administrator Control Panel" --title $"Security Settings" --menu $"Choose an operation, or ESC to exit:" 24 76 24 "${W[@]}" 3>&2 2>&1 1>&3)
@@ -1244,53 +1269,57 @@ function menu_security_settings {
1244 1269
             ;;
1245 1270
 
1246 1271
         6)
1272
+            ping_enable_disable
1273
+            exit 0
1274
+            ;;
1275
+        7)
1247 1276
             dialog --title $"SSH host public keys" \
1248 1277
                    --msgbox "\\n$(get_ssh_server_key)" 12 60
1249 1278
             exit 0
1250 1279
             ;;
1251
-        7)
1280
+        8)
1252 1281
             menu_tor_bridges
1253 1282
             exit 0
1254 1283
             ;;
1255
-        8)
1284
+        9)
1256 1285
             store_passwords
1257 1286
             exit 0
1258 1287
             ;;
1259
-        9)
1288
+        10)
1260 1289
             export_passwords
1261 1290
             exit 0
1262 1291
             ;;
1263
-        10)
1292
+        11)
1264 1293
             regenerate_ssh_host_keys
1265 1294
             ;;
1266
-        11)
1295
+        12)
1267 1296
             regenerate_dh_keys
1268 1297
             ;;
1269
-        12)
1298
+        13)
1270 1299
             interactive_setup
1271 1300
             update_ciphersuite
1272 1301
             ;;
1273
-        13)
1302
+        14)
1274 1303
             create_letsencrypt
1275 1304
             ;;
1276
-        14)
1305
+        15)
1277 1306
             renew_letsencrypt
1278 1307
             ;;
1279
-        15)
1308
+        16)
1280 1309
             delete_letsencrypt
1281 1310
             ;;
1282
-        16)
1311
+        17)
1283 1312
             enable_monkeysphere
1284 1313
             ;;
1285
-        17)
1314
+        18)
1286 1315
             register_website
1287 1316
             ;;
1288
-        18)
1317
+        19)
1289 1318
             allow_ssh_passwords
1290 1319
             change_ssh_settings
1291 1320
             exit 0
1292 1321
             ;;
1293
-        19)
1322
+        20)
1294 1323
             show_firewall
1295 1324
             exit 0
1296 1325
             ;;