sysprep-op-firewall-rules.sh
#!/usr/bin/env bash
#
# Remove any custom firewall rules or firewalld configuration
#
# Modern systems typically make use of the dynamic firewall daemon
# firewalld which provides many advantages and additional features over
# more traditional approaches. Customisation of the system's firewall rules
# is handled through user space tools that output configuration
# customisations to /etc/firewalld/zones and /etc/firewalld/services.
# Deleting these files will remove any custom configuration from the
# system
#
# Older systems or other firewall implementations usually persist rules
# information for iptables in /etc/sysconfig/iptables and use the file to
# configure the firewall at startup. As such simply deleting the file will
# be enough to remove any custom configuration from the system
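# Abort on the first failing command so a failed service stop is not
# silently followed by config removal.
set -o errexit

# Locations that hold custom firewall configuration. Entries may be glob
# patterns; they are expanded further down, after nullglob/dotglob are set.
# Patterns must not contain whitespace, because they are expanded unquoted.
fw_config_locations=(
  "/etc/sysconfig/iptables"
  "/etc/firewalld/services/*"
  "/etc/firewalld/zones/*"
)

# If using firewalld stop the daemon/service prior to removing the config.
# NOTE(review): nothing in this script starts firewalld again, so it is left
# stopped when the script exits -- confirm the caller expects that.
if command -v systemctl &>/dev/null &&
  systemctl is-active firewalld.service &>/dev/null; then
  systemctl stop firewalld.service
fi

# nullglob: a pattern with no matches expands to nothing instead of itself.
# dotglob:  include hidden files in globs.
shopt -s nullglob dotglob

# Remove any custom configuration.
for fw_pattern in "${fw_config_locations[@]}"; do
  # Deliberately unquoted: this is the one place the trusted patterns above
  # are glob-expanded. The resulting file names are not split again.
  # shellcheck disable=SC2206
  fw_matches=(${fw_pattern})

  for fw_config in "${fw_matches[@]}"; do
    # Quote the match and end option parsing with `--`: this runs rm -rf with
    # whatever privileges sysprep has, and an unquoted name containing
    # whitespace or glob characters would be split/re-expanded into other
    # paths relative to the current directory.
    rm -rf -- "${fw_config}"
  done
done

exit 0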