src/init/fw-check.sh

   1 #!/bin/sh
   2
   3 set -e
   4 set -u
   5
   6 # Checking which firewall to use.
   7 UNAME=$(uname);
   8 FILE="";
   9
  10 if [ "X${UNAME}" = "XFreeBSD" ]; then
  11     # Is ipfw enabled?
  12     if grep 'firewall_enable="YES"' /etc/rc.conf >/dev/null 2>&1; then
  13         # Firewall is IPFW
  14         FILE="ipfw.sh";
  15         echo "IPFW";
  16     fi
  17
  18     # if pf enabled?
  19     if grep 'pf_enable="YES"' /etc/rc.conf >/dev/null 2>&1; then
  20         # Firewall is PF
  21         FILE="pf.sh";
  22         echo "PF";
  23     fi
  24
  25 # Darwin
  26 elif [ "X${UNAME}" = "XDarwin" ]; then
  27     # Is pfctl present?
  28     if which pfctl; then
  29         echo "PF";
  30         FILE="pf.sh";
  31     else
  32         echo "IPFW";
  33         FILE="ipfw_mac.sh";
  34     fi
  35
  36 elif [ "X${UNAME}" = "XOpenBSD" ]; then
  37     if grep 'pf_enable="YES"' /etc/rc.conf >/dev/null 2>&1; then
  38         # Firewall is PF
  39         FILE="pf.sh";
  40         echo "PF";
  41     fi
  42 fi
  43
  44 # If file is set and execute flag is set
  45 if [ ! "X$FILE" = "X" ]; then
  46     if [ $# -eq 1 ] && [ "X$1" = "Xexecute" ]; then
  47         cp -pr ../active-response/firewall-drop.sh ../active-response/firewalls/default-firewall-drop.sh
  48         cp -pr ../active-response/firewalls/$FILE ../active-response/firewall-drop.sh
  49     fi
  50 fi
  51
  52 exit 0;