Update menu-ufw

2024-06-05 20:06:09 +00:00 · 2024-06-05 20:06:09 +00:00 · e1769ddb7f
parent 224094b952
commit e1769ddb7f
1 changed files with 43 additions and 2 deletions
--- a/menu/menu-ufw
+++ b/menu/menu-ufw
@ -3,7 +3,7 @@
 sudo cat > /bin/menu-ufw <<- "EOF"
 #!/bin/bash
 while : ; do
-choix=$(whiptail --title "Raspbian Proyect HP3ICC Menu UFW Firewall" --menu "Note: DO NOT delete input port 22, you could lose control of your server, output port 53, 5353, 80, 443 are very necessary for communication via internet." 18 80 8 \
+choix=$(whiptail --title "Raspbian Proyect HP3ICC Menu UFW Firewall" --menu "Note: DO NOT delete input port 22, you could lose control of your server, output port 53, 5353, 80, 443 are very necessary for communication via internet." 18 80 9 \
 1 " Enable Firewall" \
 2 " Disable Firewall " \
 3 " List Port open  " \
@ -11,7 +11,8 @@ choix=$(whiptail --title "Raspbian Proyect HP3ICC Menu UFW Firewall" --menu "Not
 5 " Add or Remove port ( In, Out or Both ) " \
 6 " Protection standard (all port out is open)  " \
 7 " Protection strong (only 53,5353,80,443 out open)  " \
-8 " Menu Principal " 3>&1 1>&2 2>&3)
+8 " Enable Or Disable ICMP Ping  " \
+9 " Menu Principal " 3>&1 1>&2 2>&3)
 exitstatus=$?
 #on recupere ce choix
 #exitstatus=$?
@ -44,6 +45,46 @@ sudo ufw allow out to any port 5353
 sudo ufw allow out to any port 80
 sudo ufw allow out to any port 443 ;;
 8)
+  while : ; do
+    network=$(whiptail --title "ICMP Ping" --menu "Select menu:" 15 60 8 \
+      "1" "Disable ICMP Ping" \
+      "2" "Enable ICMP Ping" \
+      "3" "menu principal" 3>&1 1>&2 2>&3)
+
+    exitstatus=$?
+
+    if [ $exitstatus = 0 ]; then
+      case "$network" in
+        "1")
+          sed -i '/net.ipv4.icmp_echo_ignore_all/d' /etc/sysctl.conf
+          if ! grep -q "net.ipv4.icmp_echo_ignore_all = 1" "/etc/sysctl.conf" > /dev/null 2>&1; then
+            echo "net.ipv4.icmp_echo_ignore_all = 1" | sudo tee -a /etc/sysctl.conf &&
+            sudo sysctl -p
+            whiptail --title "Check Port" --msgbox "ICMP Ping is disable" 0 50
+
+          fi
+          ;;
+        "2")
+          sed -i '/net.ipv4.icmp_echo_ignore_all/d' /etc/sysctl.conf
+          if ! grep -q "net.ipv4.icmp_echo_ignore_all = 0" "/etc/sysctl.conf" > /dev/null 2>&1; then
+            echo "net.ipv4.icmp_echo_ignore_all = 0" | sudo tee -a /etc/sysctl.conf &&
+            sudo sysctl -p
+            whiptail --title "Check Port" --msgbox "ICMP Ping is Enable" 0 50
+
+          fi
+          ;;
+        "3")
+          break ;;
+        *)
+          echo "Invalid selection" ;;
+      esac
+    else
+      echo "You chose cancel."
+      break
+    fi
+  done
+;;
+9)
 break;
 esac
 done