From a14113360d60738b07ecf19e1bf3401c2d4a4589 Mon Sep 17 00:00:00 2001
From: vincent
Date: Tue, 9 Nov 2021 23:08:14 +0800
Subject: [PATCH] =?UTF-8?q?=E6=B7=BB=E5=8A=A0=E8=84=9A=E6=9C=AC,=E8=AE=BE?= =?UTF-8?q?=E7=BD=AE=E9=98=B2=E7=81=AB=E5=A2=99?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
---
setFirewall.sh | 55 ++++++++++++++++++++++++++++++++++++++++++++++++++
1 file changed, 55 insertions(+)
create mode 100644 setFirewall.sh
diff --git a/setFirewall.sh b/setFirewall.sh
new file mode 100644
index 0000000..9a81673
--- /dev/null
+++ b/setFirewall.sh
@@ -0,0 +1,55 @@
+#!/bin/bash
+setFirewall() {
+ res=`which firewall-cmd 2>/dev/null`
+ if [[ $? -eq 0 ]]; then
+ systemctl status firewalld > /dev/null 2>&1
+ if [[ $? -eq 0 ]];then
+ firewall-cmd --permanent --add-service=http
+ firewall-cmd --permanent --add-service=https
+ if [[ "$PORT" != "443" ]]; then
+ firewall-cmd --permanent --add-port=${PORT}/tcp
+ firewall-cmd --permanent --add-port=${PORT}/udp
+ fi
+ firewall-cmd --reload
+ else
+ nl=`iptables -nL | nl | grep FORWARD | awk '{print $1}'`
+ if [[ "$nl" != "3" ]]; then
+ iptables -I INPUT -p tcp --dport 80 -j ACCEPT
+ iptables -I INPUT -p tcp --dport 443 -j ACCEPT
+ if [[ "$PORT" != "443" ]]; then
+ iptables -I INPUT -p tcp --dport ${PORT} -j ACCEPT
+ iptables -I INPUT -p udp --dport ${PORT} -j ACCEPT
+ fi
+ fi
+ fi
+ else
+ res=`which iptables 2>/dev/null`
+ if [[ $? -eq 0 ]]; then
+ nl=`iptables -nL | nl | grep FORWARD | awk '{print $1}'`
+ if [[ "$nl" != "3" ]]; then
+ iptables -I INPUT -p tcp --dport 80 -j ACCEPT
+ iptables -I INPUT -p tcp --dport 443 -j ACCEPT
+ if [[ "$PORT" != "443" ]]; then
+ iptables -I INPUT -p tcp --dport ${PORT} -j ACCEPT
+ iptables -I INPUT -p udp --dport ${PORT} -j ACCEPT
+ fi
+ fi
+ else
+ res=`which ufw 2>/dev/null`
+ if [[ $? -eq 0 ]]; then
+ res=`ufw status | grep -i inactive`
+ if [[ "$res" = "" ]]; then
+ ufw allow http/tcp
+ ufw allow https/tcp
+ if [[ "$PORT" != "443" ]]; then
+ ufw allow ${PORT}/tcp
+ ufw allow ${PORT}/udp
+ fi
+ fi
+ fi
+ fi
+ fi
+}
+
+
+setFirewall
\ No newline at end of file
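Review bot: `PORT` is expanded unquoted in every branch of setFirewall but is never assigned or validated in this file, so it presumably comes from the caller's environment. When it is empty the `!= "443"` test still passes and the script runs `firewall-cmd --permanent --add-port=/tcp`, `iptables ... --dport -j ACCEPT` and `ufw allow /tcp`, and any non-numeric value is word-split straight into a firewall rule. I would add a guard as the first line of the function, `[[ "$PORT" =~ ^[1-9][0-9]{0,4}$ ]] && (( PORT <= 65535 )) || { echo 'setFirewall: PORT must be 1-65535' >&2; return 1; }`, and write `"${PORT}"` in the rule commands. The same port is also opened for UDP in all three back-ends; if the service behind it only listens on TCP, those lines widen the exposed surface for no benefit and are worth dropping or documenting with a comment.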