-
Notifications
You must be signed in to change notification settings - Fork 0
/
firewall.sh
executable file
·120 lines (106 loc) · 5.05 KB
/
firewall.sh
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
#!/bin/bash
# author: zerobits01
# purpose: enabling and running some rules on floodlight firewall module
#
# 10.0.4.10 => buildserver 10.0.3.14 -/
# 10.0.3.10 => 10.0.3.12 -/
# 10.0.3.11 => 10.0.3.13 -/
# 10.0.3.14 => 3.10, 3.11, 3.12, 3.13
# 10.0.2.10 => * -/
ipport=172.16.229.131:8080
enable_address=/wm/firewall/module/enable/json
add_url=/wm/firewall/rules/json
disable_address=/wm/firewall/module/disable/json
# enabling
curl $ipport$enable_address -X PUT
echo \\n
echo examples
echo curl 172.16.229.131:8080/wm/firewall/module/enable/json -X PUT
echo curl -X POST -d '{"src-ip": "10.0.0.4/32", "dst-ip": "10.0.0.5/32", "nw-proto":"ICMP"}' http://172.16.229.131:8080/wm/firewall/rules/json
echo curl -X POST -d '{"src-ip": "10.0.0.5/32", "dst-ip": "10.0.0.4/32", "nw-proto":"ICMP"}' http://172.16.229.131:8080/wm/firewall/rules/json
echo curl -X POST -d '{"src-ip": "10.0.0.4/32", "dst-ip": "10.0.0.5/32", "nw-proto":"ARP"}' http://172.16.229.131:8080/wm/firewall/rules/json
echo curl -X POST -d '{"src-ip": "10.0.0.5/32", "dst-ip": "10.0.0.4/32", "nw-proto":"ARP"}' http://172.16.229.131:8080/wm/firewall/rules/json
echo \\n
# admin
echo -e admin \\n
curl -X POST -d '{"src-ip": "10.0.1.10/32", "nw-proto":"ICMP"}' $ipport$add_url
echo \\n
curl -X POST -d '{"dst-ip": "10.0.1.10/32", "nw-proto":"ICMP"}' $ipport$add_url
echo \\n
curl -X POST -d '{"src-ip": "10.0.1.10/32", "nw-proto":"ARP"}' $ipport$add_url
echo \\n
curl -X POST -d '{"dst-ip": "10.0.1.10/32", "nw-proto":"ARP"}' $ipport$add_url
echo -e admin set up \\n
# django to db
echo -e django to db \\n
curl -X POST -d '{"src-ip": "10.0.3.10/32", "dst-ip": "10.0.3.12/32", "nw-proto":"ICMP"}' $ipport$add_url
echo \\n
curl -X POST -d '{"dst-ip": "10.0.3.10/32", "src-ip": "10.0.3.12/32", "nw-proto":"ICMP"}' $ipport$add_url
echo \\n
curl -X POST -d '{"src-ip": "10.0.3.10/32", "dst-ip": "10.0.3.12/32", "nw-proto":"ARP"}' $ipport$add_url
echo \\n
curl -X POST -d '{"dst-ip": "10.0.3.10/32", "src-ip": "10.0.3.12/32", "nw-proto":"ARP"}' $ipport$add_url
echo \\n
echo -e django to db done\\n
# wp to db
echo \\n
echo -e wp to db \\n
curl -X POST -d '{"src-ip": "10.0.3.11/32", "dst-ip": "10.0.3.13/32", "nw-proto":"ICMP"}' $ipport$add_url
echo \\n
curl -X POST -d '{"dst-ip": "10.0.3.11/32", "src-ip": "10.0.3.13/32", "nw-proto":"ICMP"}' $ipport$add_url
echo \\n
curl -X POST -d '{"src-ip": "10.0.3.11/32", "dst-ip": "10.0.3.13/32", "nw-proto":"ARP"}' $ipport$add_url
echo \\n
curl -X POST -d '{"dst-ip": "10.0.3.11/32", "src-ip": "10.0.3.13/32", "nw-proto":"ARP"}' $ipport$add_url
echo -e wp to db done \\n
# build to all
echo -e build to all \\n
curl -X POST -d '{"dst-ip": "10.0.3.14/32", "src-ip": "10.0.3.10/32", "nw-proto":"ICMP"}' $ipport$add_url
echo \\n
curl -X POST -d '{"dst-ip": "10.0.3.14/32", "src-ip": "10.0.3.11/32", "nw-proto":"ICMP"}' $ipport$add_url
echo \\n
curl -X POST -d '{"dst-ip": "10.0.3.14/32", "src-ip": "10.0.3.12/32", "nw-proto":"ICMP"}' $ipport$add_url
echo \\n
curl -X POST -d '{"dst-ip": "10.0.3.14/32", "src-ip": "10.0.3.13/32", "nw-proto":"ICMP"}' $ipport$add_url
echo \\n
curl -X POST -d '{"dst-ip": "10.0.3.10/32", "src-ip": "10.0.3.14/32", "nw-proto":"ICMP"}' $ipport$add_url
echo \\n
curl -X POST -d '{"dst-ip": "10.0.3.11/32", "src-ip": "10.0.3.14/32", "nw-proto":"ICMP"}' $ipport$add_url
echo \\n
curl -X POST -d '{"dst-ip": "10.0.3.12/32", "src-ip": "10.0.3.14/32", "nw-proto":"ICMP"}' $ipport$add_url
echo \\n
curl -X POST -d '{"dst-ip": "10.0.3.13/32", "src-ip": "10.0.3.14/32", "nw-proto":"ICMP"}' $ipport$add_url
echo \\n
curl -X POST -d '{"dst-ip": "10.0.3.14/32", "src-ip": "10.0.3.10/32", "nw-proto":"ARP"}' $ipport$add_url
echo \\n
curl -X POST -d '{"dst-ip": "10.0.3.14/32", "src-ip": "10.0.3.11/32", "nw-proto":"ARP"}' $ipport$add_url
echo \\n
curl -X POST -d '{"dst-ip": "10.0.3.14/32", "src-ip": "10.0.3.12/32", "nw-proto":"ARP"}' $ipport$add_url
echo \\n
curl -X POST -d '{"dst-ip": "10.0.3.14/32", "src-ip": "10.0.3.13/32", "nw-proto":"ARP"}' $ipport$add_url
echo \\n
curl -X POST -d '{"dst-ip": "10.0.3.10/32", "src-ip": "10.0.3.14/32", "nw-proto":"ARP"}' $ipport$add_url
echo \\n
curl -X POST -d '{"dst-ip": "10.0.3.11/32", "src-ip": "10.0.3.14/32", "nw-proto":"ARP"}' $ipport$add_url
echo \\n
curl -X POST -d '{"dst-ip": "10.0.3.12/32", "src-ip": "10.0.3.14/32", "nw-proto":"ARP"}' $ipport$add_url
echo \\n
curl -X POST -d '{"dst-ip": "10.0.3.13/32", "src-ip": "10.0.3.14/32", "nw-proto":"ARP"}' $ipport$add_url
echo \\n
echo -e build to all done \\n
# emplyee to build
echo -e employee to build\\n
curl -X POST -d '{"dst-ip": "10.0.3.14/32", "src-ip": "10.0.4.10/32", "nw-proto":"ICMP"}' $ipport$add_url
echo \\n
curl -X POST -d '{"src-ip": "10.0.3.14/32", "dst-ip": "10.0.4.10/32", "nw-proto":"ICMP"}' $ipport$add_url
echo \\n
curl -X POST -d '{"dst-ip": "10.0.3.14/32", "src-ip": "10.0.4.10/32", "nw-proto":"ARP"}' $ipport$add_url
echo \\n
curl -X POST -d '{"src-ip": "10.0.3.14/32", "dst-ip": "10.0.4.10/32", "nw-proto":"ARP"}' $ipport$add_url
echo -e employee to build done\\n
# disable and enable
echo -e restarting \\n
curl $ipport$disable_address -X PUT
echo \\n
curl $ipport$enable_address -X PUT
echo -e restarting done \\n