3c35711006f805f6c5cfcba9da8066220ebd24c6
[ossec-hids.git] / fw-check.sh
1 #!/bin/sh
2
3
4 # Checking which firewall to use.
5 UNAME=`uname`
6 FILE="";
7 EXECUTE="$1";
8
9 if [ "X${UNAME}" = "XFreeBSD" ]; then
10     # Is ipfw enabled?
11     grep 'firewall_enable="YES"' /etc/rc.conf >/dev/null 2>&1
12     if [ $? = 0 ]; then
13         # Firewall is IPFW
14         FILE="ipfw.sh";
15         echo "IPFW";
16     fi    
17
18     # if pf enabled?
19     grep 'pf_enable="YES"' /etc/rc.conf >/dev/null 2>&1
20     if [ $? = 0 ]; then
21         # Firewall is PF
22         FILE="pf.sh";
23         echo "PF";
24     fi    
25
26 # Darwin
27 elif [ "X${UNAME}" = "XDarwin" ]; then
28     # Is pfctl present?
29     which pfctl;
30     if [ $? = 0 ]; then
31         echo "PF";
32         FIlE="pf.sh";
33     else
34         echo "IPFW";
35         FILE="ipfw_mac.sh";
36     fi
37         
38 elif [ "X${UNAME}" = "XOpenBSD" ]; then
39     if [ $? = 0 ]; then
40         # Firewall is PF
41         FILE="pf.sh";
42         echo "PF";
43     fi    
44 fi
45
46
47 # If file is set and execute flag is set
48 if [ ! "X$FILE" = "X" ]; then
49     if [ "X$EXECUTE" = "Xexecute" ]; then
50         cp -pr ../active-response/firewall-drop.sh ../active-response/firewalls/default-firewall-drop.sh
51         cp -pr ../active-response/firewalls/$FILE ../active-response/firewall-drop.sh
52     fi
53 fi    
54
55 exit 0;