#!/bin/sh

## ---  --
##  --- -
##   ---  fts(2) [fts(2) xploit division]
##  - ---  http://benz.i1.net/fts/xploit
## --  ---
##  ipfwadm firewall frontend (ipfwadm.sh)
##    chmod +x ipfwadm.sh ; ./ipfwadm.sh

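# ANSI SGR colour sequences used by every status line below.
# Each sequence has to start with the ESC byte (0x1b); without it the terminal
# prints the bracket text ("[0m", "[1;30m", ...) literally instead of switching
# colour. The byte is produced with printf so this file stays plain ASCII and
# keeps working after passing through tools that strip control characters.
esc=$(printf '\033')

cl="${esc}[0m"        # reset all attributes
mag="${esc}[35m"      # magenta
cyn="${esc}[36m"      # cyan
wht="${esc}[37m"      # white
hblk="${esc}[1;30m"   # bold black (dark grey)
hmag="${esc}[1;35m"   # bold magenta
hcyn="${esc}[1;36m"   # bold cyan
hwht="${esc}[1;37m"   # bold white

# Coloured "[ipfwadm.sh]:" prefix for general progress messages.
ipfver="${cl}${hblk}[${hcyn}i${cl}${cyn}pfwadm${cl}${hmag}.${cl}${cyn}sh${hblk}]${mag}:${cl}${wht}"
# Coloured "[+rule]:" prefix for messages about a rule being installed.
isrule="${cl}${hblk}[${hmag}+${cl}${hcyn}r${cl}${cyn}ule${cl}${hblk}]${mag}:${cl}${wht}"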

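# Banner and start prompt.
# printf '%s' replaces "echo -n": under #!/bin/sh the handling of -n is
# implementation-defined, so some shells would print a literal "-n".
clear
printf '%s\n' "${hwht}---  --"
printf '%s\n' "${hwht} --- -"
printf '%s\n' "${hwht}  ---${cl}  ${hcyn}f${cl}${cyn}ts${mag}(${cyn}2${mag}) ${hblk}[${cl}${wht}fts(2) xploit division${hblk}]"
printf '%s\n' "${hwht} - ---${cl}  ${wht}http://benz.i1.net/fts/xploit"
printf '%s\n' "${hwht}--  ---"
printf '%s\n' "${cl}${hblk}[${cl}${wht}ipfwadm firewall frontend ${cyn}(${wht}ipfwadm${hwht}.${cl}${wht}sh${cyn})${hblk}]"
echo ""
printf '%s' "$ipfver press any key to begin preliminary system scan.${hblk}.${cl}"
# read returns after a full line (Enter) or EOF, not after a single key.
# -r keeps backslashes literal; the value itself is never used.
read -r blah
echo ""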
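# Preflight checks. Each one prints " yes." and continues, or prints " no."
# and stops. A failed check exits non-zero so that a boot script or wrapper
# calling this file can tell that no firewall was installed.

printf '%s' "$ipfver checking for root priveledges.."
# Compare the effective uid rather than the login name: the name is only a
# label, while uid 0 is what the kernel checks when rules are changed.
if [ "$(id -u)" != "0" ]; then
  echo " no."
  exit 1
fi
echo " yes."

printf '%s' "$ipfver making sure this is a linux system.."
# Quoted so an empty or multi-word result cannot break the test expression.
if [ "$(uname)" != "Linux" ]; then
  echo " no."
  exit 1
fi
echo " yes."

printf '%s' "$ipfver checking for kernel support of ipfwadm.."
# Releases whose second version field is 1 or 2 are rejected.
# NOTE(review): only that one field is inspected, so the major version is
# never looked at; every other release string is accepted here and the
# /sbin/ipfwadm test below is the only remaining guard.
case "$(uname -r | cut -d. -f2)" in
  1|2)
    echo " no."
    exit 1
    ;;
esac
echo " yes."

printf '%s' "$ipfver making sure /sbin/ipfwadm exists.."
# Must be a regular file and executable, otherwise every rule command that
# follows would fail.
if [ ! -f /sbin/ipfwadm ] || [ ! -x /sbin/ipfwadm ]; then
  echo " no."
  exit 1
fi
echo " yes."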
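printf '%s' "$ipfver clearing current ipfwadm ruleset.."
# -f flushes the rules of the input (-I), output (-O) and forward (-F) chains.
# Flushing removes rules only; a chain's default policy is set separately with
# -p and stays whatever it was before this script ran.
# From this point until the new rules are added (which waits for the operator
# to confirm) the host has no filter rules at all.
# Output stays hidden to keep the status line tidy, but the exit status is
# checked so a failed flush is not reported as " done.".
flush_failed=0
for chain in -I -O -F; do
  /sbin/ipfwadm "$chain" -f >/dev/null 2>&1 || flush_failed=1
done
if [ "$flush_failed" -ne 0 ]; then
  echo " failed."
  exit 1
fi
echo " done."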
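printf '%s' "$ipfver setting script variables.."

# Print the first IPv4 address ifconfig reports for interface $1, or nothing
# when the interface is missing or has no address. Only the first
# "inet addr:" line is used, so an "inet6 addr:" line cannot add a second
# value. stderr is dropped because a missing ppp0 is an expected case.
iface_ipv4() {
  ifconfig "$1" 2>/dev/null |
    awk '/inet addr:/ { sub(/^.*inet addr:/, ""); print $1; exit }'
}

# Succeed only for a value made of digits and dots that is not 0.0.0.0.
# The address is later placed on firewall command lines, so an empty or
# malformed value must never get that far.
usable_ip() {
  case "$1" in
    '' | 0.0.0.0 | *[!0-9.]*) return 1 ;;
  esac
  return 0
}

# Prefer the dial-up interface, fall back to the first ethernet interface.
# An empty result (interface absent) triggers the fallback as well, not just
# the literal 0.0.0.0.
localip=$(iface_ipv4 ppp0)
if ! usable_ip "$localip"; then
  localip=$(iface_ipv4 eth0)
  if ! usable_ip "$localip"; then
    echo " error."
    echo ""
    echo "${cl}unable to obtain ip address from ppp0 or eth0"
    exit 1
  fi
fi
echo " done."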
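# Rule installation.
#
# What this ruleset is: a short deny-list added to the input chain, plus an
# accept policy on the output chain. The input chain's default policy is not
# set anywhere in this script, so any inbound traffic that is not listed
# below is handled by whatever policy was already in place. A default-deny
# input policy with explicit accepts is the stricter design; it is not applied
# here because it would change what the script does to existing connections.
#
# -o on a rule turns on kernel logging of matching packets; during a flood
# that can mean one log entry per dropped packet.
# NOTE(review): no interface is named on any rule, so the rules presumably
# match on every interface, loopback included - confirm before relying on the
# "spoofed packets" rules on a host that talks to its own address.

# The address is placed on command lines below; stop if it is missing or is
# anything other than digits and dots.
case "$localip" in
  '' | *[!0-9.]*)
    echo ""
    echo "${cl}local ip address is not set; no rules were installed"
    exit 1
    ;;
esac

echo ""
printf '%s' "$ipfver press any key to active your new ipfwadm ruleset.${hblk}.${cl}${wht}"
# Waits for Enter (or EOF); the value read is discarded.
read -r hehegottaloveshellscripting
echo ""

step_failed=0   # set when a rule in the current step could not be added
any_failed=0    # set when any step failed; decides the final exit status

# Run /sbin/ipfwadm with the given arguments and remember a failure.
add_rule() {
  /sbin/ipfwadm "$@" || step_failed=1
}

# Print the outcome of the current step and reset the per-step flag.
finish_step() {
  if [ "$step_failed" -eq 0 ]; then
    echo " done."
  else
    echo " failed."
    any_failed=1
  fi
  step_failed=0
}

# Inbound packets that claim this host's own address as their source.
printf '%s' "$isrule blocking spoofed packets.."
add_rule -I -a deny -P icmp -o -S "$localip" 0:65535
add_rule -I -a deny -P udp -o -S "$localip" -D 0.0.0.0/0 0:65535
add_rule -I -a deny -P tcp -o -S "$localip" -D 0.0.0.0/0 0:65535
finish_step

# ICMP type 0 (echo reply) from any source. This also drops the replies to
# pings sent from this host.
printf '%s' "$isrule blocking smurf attacks ${hblk}[${cl}${wht}icmp echo reply${hblk}]${cl}${wht}.."
add_rule -I -a deny -P icmp -o -S 0.0.0.0/0 0:0
finish_step

# UDP from any source port to destination port 7 (echo).
printf '%s' "$isrule blocking udp *echo loop* attacks.."
add_rule -I -a deny -P udp -o -S 0.0.0.0/0 0:65535 -D 0.0.0.0/0 7:7
finish_step

# Inbound TCP to the listed service ports, one rule per port.
# NOTE(review): these are TCP-only rules; the portmapper commonly answers on
# UDP 111 too, which nothing here covers - confirm whether that is intended.
echo "$isrule blocking access to vital tcp ports:"
for svc in ftp:21 smtp:25 telnet:23 pop3:110 sunrpc:111; do
  svc_name=${svc%%:*}
  svc_port=${svc##*:}
  printf '%s' "    ${hblk}[${cl}${wht}${svc_name}${hblk}]${hwht}:${cl}${wht}"
  add_rule -I -a deny -P tcp -o -S 0.0.0.0/0 -D 0.0.0.0/0 "${svc_port}:${svc_port}"
  finish_step
done

# ICMP type 8 (echo request) from any source: the host stops answering pings.
printf '%s' "$isrule blocking pingflood attacks ${hblk}[${cl}${wht}icmp echo${hblk}]${cl}${wht}.."
add_rule -I -a deny -P icmp -o -S 0.0.0.0/0 8:8
finish_step

# Default policy of the output chain: everything leaving the host is allowed.
printf '%s' "$isrule allowing all outgoing traffic.."
add_rule -O -p accept
finish_step

echo ""
# Do not announce an active firewall when part of the ruleset is missing.
if [ "$any_failed" -ne 0 ]; then
  echo "$ipfver one or more rules could not be installed; the ruleset is incomplete. ${hblk}[${cl}${wht}eof${hblk}]${cl}${wht}"
  exit 1
fi
echo "$ipfver your firewall is now active. ${hblk}[${cl}${wht}eof${hblk}]${cl}${wht}"
exit 0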
