#! /bin/bash
#
## Manually open|close ssh server and port 22 (Debian)
#
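## Network interface the port 22 firewall rules are bound to.
## Change this to match your host.
interface=eth0

## iptables, update-rc.d and the ssh init script all need root.
## Test the effective UID instead of the account name: a UID-0 account that
## is not literally called "root" is still accepted, and no subprocess is
## spawned for the check. The diagnostic goes to stderr.
if (( EUID != 0 )); then
  echo "You must be root" >&2
  exit 1
fi

## Number of positional arguments the script expects.
args=1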
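#######################################
# Print a one-line usage summary.
# Globals:   none
# Arguments: none (reads $0 for the script name)
# Outputs:   usage line on stdout
#######################################
usage() {
  # Quote "$0" and pass "--" so a script path containing spaces or starting
  # with a dash is handled as a single operand by basename.
  printf 'Usage %s {open|close}\n' "$(basename -- "$0")"
}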
## Exactly $args positional parameter(s) are required; anything else prints
## the usage line and stops with status 1.
[ "$#" -eq "$args" ] || {
  usage
  exit 1
}
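## By default Debian starts ssh at boot, and every ssh upgrade recreates the
## init links. Remove the start links whenever they exist under /etc/rc*.d so
## the server only runs when this script opens it.
## The glob replaces the parsed `ls | grep` and is anchored to the exact link
## name (S + two digits + "ssh"), so a start link of another service whose
## name merely contains "ssh" does not trigger the removal.
## NOTE(review): this only covers SysV-style rc links; on a host where another
## init system starts ssh, confirm that boot-time start is really disabled.
for rc_link in /etc/rc*.d/S[0-9][0-9]ssh; do
  # An unmatched glob stays literal, hence the existence test.
  if [ -e "$rc_link" ] || [ -L "$rc_link" ]; then
    update-rc.d -f ssh remove ||
      echo 'warning: could not remove the ssh boot links' >&2
    break
  fi
done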
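## The two port 22 rules, stored as arrays so the identical rule text is used
## to check (-C), append (-A) and delete (-D) them.
## NOTE: only IPv4 (iptables) is handled here; IPv6 filtering is not touched.
## NOTE(review): -A appends to the end of the chain, so these ACCEPT rules only
## take effect if no earlier rule already drops the traffic. Verify against
## the host's ruleset.
in_rule=(INPUT -p tcp --in-interface "$interface" --dport 22 -j ACCEPT)
out_rule=(OUTPUT -p tcp --out-interface "$interface" --sport 22 -j ACCEPT)

#######################################
# Add the port 22 rules, skipping any rule that is already present so that
# repeated runs do not stack duplicate ACCEPT entries.
# Returns: 0 when both rules are in place, 1 otherwise
#######################################
open_ssh_port() {
  iptables -C "${in_rule[@]}" 2>/dev/null ||
    iptables -A "${in_rule[@]}" || return 1
  iptables -C "${out_rule[@]}" 2>/dev/null ||
    iptables -A "${out_rule[@]}" || return 1
}

#######################################
# Delete every copy of the port 22 rules (duplicates included).
# Returns: 0 when no copy remains, 1 if a deletion failed
#######################################
close_ssh_port() {
  local rc=0
  while iptables -C "${in_rule[@]}" 2>/dev/null; do
    iptables -D "${in_rule[@]}" || { rc=1; break; }
  done
  while iptables -C "${out_rule[@]}" 2>/dev/null; do
    iptables -D "${out_rule[@]}" || { rc=1; break; }
  done
  return "$rc"
}

## Dispatch on the single argument: "open" or "close".
## sshd is detected with `pgrep -x`, which matches the exact process name.
## An unquoted `grep s[s]hd` is subject to filename expansion (a file named
## "sshd" in the working directory turns the pattern into plain "sshd") and
## also matches any command line that merely mentions sshd.
case $1 in
  open)
    if pgrep -x sshd >/dev/null; then
      echo 'sshd is already running'
      exit 1
    fi
    if ! open_ssh_port; then
      echo 'could not add the port 22 firewall rules' >&2
      # Do not leave a half-opened firewall behind.
      close_ssh_port
      exit 1
    fi
    if ! /etc/init.d/ssh start; then
      # No server is listening, so the port must not stay open.
      echo 'ssh failed to start; closing port 22 again' >&2
      close_ssh_port
      exit 1
    fi
    exit 0
    ;;
  close)
    sshd_was_running=0
    if pgrep -x sshd >/dev/null; then
      sshd_was_running=1
      /etc/init.d/ssh stop
    fi
    # Remove the rules even when sshd is not running (for example after a
    # crash), otherwise port 22 would stay open in the firewall.
    if ! close_ssh_port; then
      echo 'could not remove the port 22 firewall rules' >&2
      exit 1
    fi
    if (( sshd_was_running )); then
      exit 0
    fi
    echo 'sshd is not running'
    exit 1
    ;;
  *)
    usage
    exit 1
    ;;
esac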
## End remote.sh
You can mail me at eloi at roquesor.com.