#!/bin/bash
#########################################################################
#
# File: autosetsystem.sh
# Description:
# Language: GNU Bourne-Again SHell
# Version: 1.1
# Date: 2010-9-6
# WWW: http://5ydycm.blog.51cto.com/
###############################################################################
# Public key line that PublickeyAuthenticate writes to
# /root/.ssh/authorized_keys, replacing whatever the file held. 'zzjkey' is a
# placeholder: the same function also rewrites sshd_config to turn password
# logins off, so a real key must be set here before that option is used.
zzj_key='zzjkey'
# Template for /scripts/start_firewall.sh. The \n sequences are literal here
# and are expanded by `echo -e` when the Enable*Firewall functions write the
# file. The rules flush the filter table, load the ip_tables/ip_conntrack
# modules, accept ESTABLISHED,RELATED and loopback traffic, and set the INPUT
# policy to DROP. Only /sbin/iptables is used, so no IPv6 rules are generated.
general_iptable_content="/sbin/iptables -F\n/sbin/depmod -a\n/sbin/modprobe ip_tables\n/sbin/modprobe ip_conntrack\n/sbin/iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT\n/sbin/iptables -A INPUT -i lo -j ACCEPT\n/sbin/iptables -P INPUT DROP"
# Space-separated source addresses allowed to reach tcp/22: public_ip is used
# by EnableOutFirewall, private_ip by EnableCompanyFirewall. The ipN values are
# placeholders; because the template ends with INPUT policy DROP, these lists
# are the only new inbound SSH sources the generated script permits.
public_ip="ip1 ip2 ip3"
private_ip="ip1 ip2 ip3 ip4"
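#######################################
# Draw the top-level menu, read one choice and dispatch it.
# Globals:   USER, HOSTNAME (read); AA (written: the raw choice, left global
#            so the calling loop can inspect it)
# Arguments: none
# Outputs:   menu and prompts on stdout
# Returns:   status of the selected action; exits 0 once a reboot was started
#######################################
MainMenu()
{
  local today answer
  clear
  echo
  echo "-------------------------------------------------------------------------"
  tput cup 2
  today=$(date +"%Y-%m-%d")
  printf 'USER:%s\tHOST:%s\tdate:%s\n' "$USER" "$HOSTNAME" "$today"
  tput cup 3
  echo "-------------------------------------------------------------------------"
  tput cup 4 20
  echo -e "1:Manage User;"
  tput cup 5 20
  echo -e "2:Manage Services;"
  tput cup 6 20
  echo -e "3:Manage Firewall/SSH;"
  tput cup 7 20
  tput bold
  echo -e "4:AutoSet;"
  tput sgr0
  tput cup 8 20
  echo -e "5:Reboot;"
  tput cup 9 20
  echo -e "6:Quit;"
  tput cup 10
  echo "--------------------------------------------------------------------------"
  echo -n "You choice [1,2,3,4,5,6]:"
  # On end of input read fails and AA is empty, which falls through to Quit.
  read -r AA
  case "$AA" in
    1)
      ManageUser
      ;;
    2)
      ManageServices
      ;;
    3)
      ManageFirewall
      ;;
    4)
      AutoSet
      ;;
    5)
      echo -n "Are you sure reboot system[y|n]?"
      read -r answer
      # Only a literal "y" reboots; quoting keeps an empty answer from
      # turning the test into a syntax error.
      if [[ "$answer" == "y" ]]; then
        shutdown -r now
        exit 0
      else
        echo -n "You forego reboot system!"
        sleep 2
      fi
      ;;
    *)
      Quit
      ;;
  esac
}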
# One-shot setup: the "out" firewall profile first, then key-only SSH for
# root. Each step asks for its own confirmation.
AutoSet(){
  EnableOutFirewall
  # Two blank lines between the two dialogs.
  printf '\n\n'
  PublickeyAuthenticate
}
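#######################################
# Prompt for a login name, create the account and set its password.
# Globals:   none
# Arguments: none (the name is read from stdin)
# Outputs:   prompts and result messages on stdout, rejections on stderr
# Returns:   1 for an unusable name, otherwise the status of the last step
#######################################
AddUser(){
  local username
  echo -n "Please input add user name:"
  read -r username
  # An empty name, or one starting with '-', would be taken by useradd and
  # passwd as "no argument" or as an option rather than as an account name.
  if [[ -z "$username" || "$username" == -* ]]; then
    echo "Add user faild because user name is invalid!" >&2
    sleep 2
    return 1
  fi
  # Whole-line fixed-string match on the first passwd field: the typed name is
  # never interpreted as a regular expression.
  if cut -d: -f1 /etc/passwd | grep -qxF -- "$username"; then
    echo "Add user faild because user exists!"
    sleep 2
  elif useradd -- "$username" && passwd -- "$username"; then
    sleep 2
  fi
}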
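#######################################
# Prompt for a login name and, after confirmation, remove that account.
# Globals:   none
# Arguments: none (name and confirmation are read from stdin)
# Outputs:   prompts and result messages on stdout
# Returns:   0 when the operator declines, otherwise the status of sleep
#######################################
DeleteUser(){
  local username answer
  echo -n "Please input delete user name:"
  read -r username
  echo -n "Are you sure delete ${username}[y|n]?"
  read -r answer
  if [[ "$answer" != "y" ]]; then
    echo -n "You forego delete $username account!"
    sleep 2
    return 0
  fi
  # The name must be non-empty, must not look like an option, and must match
  # a passwd entry exactly (fixed string, whole line) before userdel runs.
  if [[ -n "$username" && "$username" != -* ]] &&
    cut -d: -f1 /etc/passwd | grep -qxF -- "$username"; then
    # A userdel failure shows userdel's own error; the "not exists" message
    # is reserved for names that really are absent.
    userdel -- "$username" && echo "user delete sucessfull!"
  else
    echo "Delete user faild because user account not exists!"
  fi
  sleep 2
}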
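#######################################
# Ask for confirmation, then run passwd for root.
# Globals:   none
# Arguments: none (the confirmation is read from stdin)
# Outputs:   prompt and messages on stdout
# Returns:   status of the final sleep
#######################################
ModifyRootpwd(){
  local answer
  echo -n "Are you sure modify root password[y|n]?"
  read -r answer
  # Quoted comparison: an empty answer is simply "not y".
  if [[ "$answer" == "y" ]]; then
    passwd root
    sleep 2
  else
    echo -n "You forego modify root password!"
    sleep 2
  fi
}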
# Page through /etc/passwd, then hold the screen for eight seconds.
ViewUser(){
  more /etc/passwd
  # The notice is printed in bold; attributes are reset after the pause.
  tput bold
  printf '%s\n' "Wait 8 sec!"
  sleep 8
  tput sgr0
}
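#######################################
# Draw the user-management menu, read one choice and dispatch it.
# Globals:   USER, HOSTNAME (read); BB (written: the raw choice, left global
#            so the calling loop can inspect it)
# Arguments: none
# Outputs:   menu and prompts on stdout
# Returns:   status of the selected action
#######################################
ManageUserMenu(){
  local today
  clear
  echo
  echo "-------------------------------------------------------------------------"
  tput cup 2
  today=$(date +"%Y-%m-%d")
  printf 'USER:%s\tHOST:%s\tdate:%s\n' "$USER" "$HOSTNAME" "$today"
  tput cup 3
  echo "-------------------------------------------------------------------------"
  tput cup 4 20
  echo -e "1:Add User;"
  tput cup 5 20
  echo -e "2:Delete User;"
  tput cup 6 20
  echo -e "3:Modify root password;"
  tput cup 7 20
  echo -e "4:View User;"
  tput cup 8 20
  echo -e "5:Quit;"
  tput cup 9
  echo "--------------------------------------------------------------------------"
  echo -n "You choice [1,2,3,4,5]:"
  read -r BB
  case "$BB" in
    1)
      AddUser
      ;;
    2)
      DeleteUser
      ;;
    3)
      ModifyRootpwd
      ;;
    4)
      ViewUser
      ;;
    *)
      echo "Quit"
      # Ends the caller's menu loop only on bash older than 4.4. Newer bash
      # resets loop state on function entry, so there this is a no-op with a
      # warning and the calling loop has to act on BB itself.
      break
      ;;
  esac
}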
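#######################################
# Prompt for a service name and switch it on for runlevels 3, 4 and 5.
# Globals:   none
# Arguments: none (name and confirmation are read from stdin)
# Outputs:   prompts and result messages on stdout
# Returns:   0 when the operator declines, otherwise the status of sleep
#######################################
EnableServices(){
  local servicename answer
  echo -n "Please input enable service name:"
  read -r servicename
  echo -n "Are you sure enable ${servicename}[y|n]?"
  read -r answer
  if [[ "$answer" != "y" ]]; then
    echo -n "You forego enable $servicename!"
    sleep 2
    return 0
  fi
  # The name must be non-empty, must not look like an option, and must equal
  # a first column of `chkconfig --list` exactly (fixed string, whole line),
  # so typed regex characters cannot match some other service.
  if [[ -n "$servicename" && "$servicename" != -* ]] &&
    chkconfig --list | awk '{print $1}' | grep -qxF -- "$servicename"; then
    # A chkconfig failure shows chkconfig's own error; the "not exists"
    # message is reserved for names that really are absent.
    chkconfig --level 345 "$servicename" on && echo "service enable sucessfull!"
  else
    echo "service enable faild because service not exists!"
  fi
  sleep 2
}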
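#######################################
# Prompt for a service name and switch it off for runlevels 3, 4 and 5.
# Globals:   none
# Arguments: none (name and confirmation are read from stdin)
# Outputs:   prompts and result messages on stdout
# Returns:   0 when the operator declines, otherwise the status of sleep
#######################################
DisableServices(){
  local servicename answer
  echo -n "Please input disable service name:"
  read -r servicename
  echo -n "Are you sure disable ${servicename}[y|n]?"
  read -r answer
  if [[ "$answer" != "y" ]]; then
    echo -n "You forego disable $servicename!"
    sleep 2
    return 0
  fi
  # The name must be non-empty, must not look like an option, and must equal
  # a first column of `chkconfig --list` exactly (fixed string, whole line),
  # so typed regex characters cannot match some other service.
  if [[ -n "$servicename" && "$servicename" != -* ]] &&
    chkconfig --list | awk '{print $1}' | grep -qxF -- "$servicename"; then
    # A chkconfig failure shows chkconfig's own error; the "not exists"
    # message is reserved for names that really are absent.
    chkconfig --level 345 "$servicename" off && echo "service diable sucessfull!"
  else
    echo "service disable faild because service not exists!"
  fi
  sleep 2
}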
# List every service known to chkconfig, then hold the screen for eight
# seconds.
ViewServices(){
  chkconfig --list
  # The notice is printed in bold; attributes are reset after the pause.
  tput bold
  printf '%s\n' "Wait 8 sec!"
  sleep 8
  tput sgr0
}
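#######################################
# Draw the service-management menu, read one choice and dispatch it.
# Globals:   USER, HOSTNAME (read); CC (written: the raw choice, left global
#            so the calling loop can inspect it)
# Arguments: none
# Outputs:   menu and prompts on stdout
# Returns:   status of the selected action
#######################################
ManageServicesMenu(){
  local today
  clear
  echo
  echo "-------------------------------------------------------------------------"
  tput cup 2
  today=$(date +"%Y-%m-%d")
  printf 'USER:%s\tHOST:%s\tdate:%s\n' "$USER" "$HOSTNAME" "$today"
  tput cup 3
  echo "-------------------------------------------------------------------------"
  tput cup 4 20
  echo -e "1:Enable Services;"
  tput cup 5 20
  echo -e "2:Disable Services;"
  tput cup 6 20
  echo -e "3:View Services;"
  tput cup 7 20
  echo -e "4:Quit;"
  tput cup 8
  echo "--------------------------------------------------------------------------"
  echo -n "You choice [1,2,3,4]:"
  read -r CC
  case "$CC" in
    1)
      EnableServices
      ;;
    2)
      DisableServices
      ;;
    3)
      ViewServices
      ;;
    *)
      echo "Quit"
      # Ends the caller's menu loop only on bash older than 4.4. Newer bash
      # resets loop state on function entry, so there this is a no-op with a
      # warning and the calling loop has to act on CC itself.
      break
      ;;
  esac
}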
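#######################################
# After confirmation, generate /scripts/start_firewall.sh from the rule
# template plus one tcp/22 ACCEPT rule per address in private_ip, register it
# in /etc/rc.local and run it.
# Globals:   general_iptable_content, private_ip (read)
# Arguments: none (the confirmation is read from stdin)
# Outputs:   prompt and result on stdout, errors on stderr
# Returns:   0 when declined or applied, 1 when nothing valid could be applied
#######################################
EnableCompanyFirewall(){
  local answer ip
  local -r script=/scripts/start_firewall.sh
  local -r boot_line="sh /scripts/start_firewall.sh"
  # Dotted IPv4 address with an optional /prefix.
  local -r addr_re='^[0-9]{1,3}(\.[0-9]{1,3}){3}(/[0-9]{1,2})?$'
  local -a sources=()

  echo -n "Are you sure enable firewall[y|n]?"
  read -r answer
  if [[ "$answer" != "y" ]]; then
    echo -n "You forego enable firewall!"
    sleep 2
    return 0
  fi

  # The template ends by setting the INPUT policy to DROP, so the per-address
  # rules below are the only way new SSH sessions get in. Check the list
  # before anything is written: an empty list or a leftover placeholder would
  # otherwise produce a DROP policy with no usable SSH rule.
  read -r -a sources <<<"$private_ip"
  if (( ${#sources[@]} == 0 )); then
    echo "Enable firewall faild because private_ip is empty!" >&2
    sleep 2
    return 1
  fi
  for ip in "${sources[@]}"; do
    if [[ ! "$ip" =~ $addr_re ]]; then
      echo "Enable firewall faild because '$ip' is not an IPv4 address!" >&2
      sleep 2
      return 1
    fi
  done

  mkdir -p /scripts || return 1
  {
    # echo -e expands the literal \n sequences stored in the template.
    echo -e "$general_iptable_content"
    for ip in "${sources[@]}"; do
      echo "/sbin/iptables -A INPUT -s $ip -p tcp --dport 22 -j ACCEPT"
    done
  } >"$script" || return 1
  # The file runs as root at boot: executable, writable by its owner only.
  chmod 0755 "$script"

  # Register the boot hook once; a repeated run must not stack duplicates.
  if ! grep -qxF -- "$boot_line" /etc/rc.local 2>/dev/null; then
    echo "$boot_line" >>/etc/rc.local
  fi

  # NOTE(review): only iptables (IPv4) rules are generated; IPv6 filtering
  # is not changed by this script.
  if sh "$script"; then
    echo "Enable Firewall sucessful!"
    sleep 3
  else
    echo "Enable firewall faild: $script returned an error!" >&2
    sleep 3
    return 1
  fi
}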
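#######################################
# After confirmation, generate /scripts/start_firewall.sh from the rule
# template plus one tcp/22 ACCEPT rule per address in public_ip, register it
# in /etc/rc.local and run it.
# Globals:   general_iptable_content, public_ip (read)
# Arguments: none (the confirmation is read from stdin)
# Outputs:   prompt and result on stdout, errors on stderr
# Returns:   0 when declined or applied, 1 when nothing valid could be applied
#######################################
EnableOutFirewall(){
  local answer ip
  local -r script=/scripts/start_firewall.sh
  local -r boot_line="sh /scripts/start_firewall.sh"
  # Dotted IPv4 address with an optional /prefix.
  local -r addr_re='^[0-9]{1,3}(\.[0-9]{1,3}){3}(/[0-9]{1,2})?$'
  local -a sources=()

  echo -n "Are you sure enable firewall[y|n]?"
  read -r answer
  if [[ "$answer" != "y" ]]; then
    echo -n "You forego enable firewall!"
    sleep 2
    return 0
  fi

  # The template ends by setting the INPUT policy to DROP, so the per-address
  # rules below are the only way new SSH sessions get in. Check the list
  # before anything is written: an empty list or a leftover placeholder would
  # otherwise produce a DROP policy with no usable SSH rule.
  read -r -a sources <<<"$public_ip"
  if (( ${#sources[@]} == 0 )); then
    echo "Enable firewall faild because public_ip is empty!" >&2
    sleep 2
    return 1
  fi
  for ip in "${sources[@]}"; do
    if [[ ! "$ip" =~ $addr_re ]]; then
      echo "Enable firewall faild because '$ip' is not an IPv4 address!" >&2
      sleep 2
      return 1
    fi
  done

  mkdir -p /scripts || return 1
  {
    # echo -e expands the literal \n sequences stored in the template.
    echo -e "$general_iptable_content"
    for ip in "${sources[@]}"; do
      echo "/sbin/iptables -A INPUT -s $ip -p tcp --dport 22 -j ACCEPT"
    done
  } >"$script" || return 1
  # The file runs as root at boot: executable, writable by its owner only.
  chmod 0755 "$script"

  # Register the boot hook once; a repeated run must not stack duplicates.
  if ! grep -qxF -- "$boot_line" /etc/rc.local 2>/dev/null; then
    echo "$boot_line" >>/etc/rc.local
  fi

  # NOTE(review): only iptables (IPv4) rules are generated; IPv6 filtering
  # is not changed by this script.
  if sh "$script"; then
    echo "Enable Firewall sucessful!"
    sleep 3
  else
    echo "Enable firewall faild: $script returned an error!" >&2
    sleep 3
    return 1
  fi
}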
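#######################################
# Draw the firewall-profile menu, read one choice and dispatch it.
# Globals:   USER, HOSTNAME (read); EE (written: the raw choice, left global
#            so the calling loop can inspect it)
# Arguments: none
# Outputs:   menu and prompts on stdout
# Returns:   status of the selected action
#######################################
FirewallEnvMenu(){
  local today
  clear
  echo
  echo "-------------------------------------------------------------------------"
  tput cup 2
  today=$(date +"%Y-%m-%d")
  printf 'USER:%s\tHOST:%s\tdate:%s\n' "$USER" "$HOSTNAME" "$today"
  tput cup 3
  echo "-------------------------------------------------------------------------"
  tput cup 4 20
  echo -e "1:Enable Company Env Firewall;"
  tput cup 5 20
  echo -e "2:Enable Out Env Firewall;"
  tput cup 6 20
  echo -e "3:Quit;"
  tput cup 7
  echo "--------------------------------------------------------------------------"
  echo -n "You choice [1,2,3]:"
  read -r EE
  case "$EE" in
    1)
      EnableCompanyFirewall
      ;;
    2)
      EnableOutFirewall
      ;;
    *)
      echo "Quit"
      # Ends the caller's menu loop only on bash older than 4.4. Newer bash
      # resets loop state on function entry, so there this is a no-op with a
      # warning and the calling loop has to act on EE itself.
      break
      ;;
  esac
}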
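#######################################
# Keep showing the firewall-profile menu until the operator leaves it.
# Globals:   EE (read: the choice FirewallEnvMenu stored)
# Arguments: none
# Returns:   0 once the menu was left
#######################################
CustomizeFirewall()
{
  while true; do
    FirewallEnvMenu
    # FirewallEnvMenu signals "quit" with a break of its own, which reaches
    # this loop only on bash older than 4.4. Checking the stored choice here
    # ends the loop on every version, and on end of input (EE empty).
    case "${EE-}" in
      1|2) ;;
      *) break ;;
    esac
  done
}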
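#######################################
# After confirmation, install zzj_key as root's only authorized key and
# rewrite sshd_config for key-based logins with password logins off.
# Globals:   zzj_key (read)
# Arguments: none (the confirmation is read from stdin)
# Outputs:   prompt and result on stdout, errors and warnings on stderr
# Returns:   0 when declined or applied, 1 when a step failed; sshd_config
#            is left untouched unless the rewritten copy passed `sshd -t`
#######################################
PublickeyAuthenticate()
{
  local answer tmp_config pid sshd_bin
  local -r config=/etc/ssh/sshd_config
  local -r backup=/etc/ssh/sshd_config.bak
  local -r pid_file=/var/run/sshd.pid
  # A key-type token followed by a base64 blob; OpenSSH public key blobs
  # start with "AAAA". Leading authorized_keys options are allowed.
  local -r key_re='(^|[[:space:]])(ssh-|ecdsa-|sk-)[^[:space:]]+[[:space:]]+AAAA[A-Za-z0-9+/]+'

  echo -n "Are you sure enable publickey auth[y|n]?"
  read -r answer
  if [[ "$answer" != "y" ]]; then
    echo -n "You forego publickey auth!"
    sleep 2
    return 0
  fi

  # Password logins are switched off below, so a placeholder or malformed key
  # would leave root with no working login method. Check before writing.
  if [[ ! "$zzj_key" =~ $key_re ]]; then
    echo "Enable publickey auth faild because zzj_key is not an SSH public key!" >&2
    sleep 2
    return 1
  fi

  # sshd's StrictModes check ignores keys kept in group/world-writable places.
  mkdir -p /root/.ssh || return 1
  chmod 700 /root/.ssh
  # Replaces the whole file: keys that were authorized before are removed.
  printf '%s\n' "$zzj_key" >/root/.ssh/authorized_keys || return 1
  chmod 600 /root/.ssh/authorized_keys

  # The backup stays in /etc/ssh. A fixed name in world-writable /tmp could
  # be pre-created as a symlink by a local user and followed by this root cp.
  cp -p -- "$config" "$backup" || return 1

  # Build the new config in a private temp file next to the original. The
  # cp -p gives it the original's owner and mode; the redirect keeps them.
  tmp_config=$(mktemp "${config}.XXXXXX") || return 1
  if ! cp -p -- "$config" "$tmp_config"; then
    rm -f -- "$tmp_config"
    return 1
  fi
  # The first expression also turns a commented-out
  # "#PasswordAuthentication yes" into an active "no"; matching only the
  # active line would leave password logins on where sshd's default applies.
  if ! sed \
    -e 's/^#*PasswordAuthentication[[:space:]][[:space:]]*yes[[:space:]]*$/PasswordAuthentication no/' \
    -e 's/^#PubkeyAuthentication yes$/PubkeyAuthentication yes/' \
    -e 's/^#AuthorizedKeysFile/AuthorizedKeysFile/' \
    -- "$config" >"$tmp_config"; then
    rm -f -- "$tmp_config"
    return 1
  fi

  # Let sshd parse the candidate before it replaces the live file.
  sshd_bin=$(command -v sshd) || sshd_bin=/usr/sbin/sshd
  if ! "$sshd_bin" -t -f "$tmp_config"; then
    echo "Enable publickey auth faild because the new sshd_config is invalid!" >&2
    rm -f -- "$tmp_config"
    sleep 2
    return 1
  fi
  # Rename over the live file so sshd_config is never missing.
  mv -f -- "$tmp_config" "$config" || return 1

  if ! grep -q '^PasswordAuthentication[[:space:]][[:space:]]*no' "$config"; then
    echo "Warning: no active 'PasswordAuthentication no' line in $config!" >&2
  fi

  # Reload only with a numeric PID actually read from the pid file.
  if [[ -r "$pid_file" ]] && read -r pid <"$pid_file" && [[ "$pid" =~ ^[0-9]+$ ]]; then
    kill -HUP "$pid"
  else
    echo "Warning: $pid_file not readable, sshd was not reloaded!" >&2
  fi

  # Keep the current session open until a key login has been confirmed.
  echo "Please use public key try login agains!"
  sleep 5
}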
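#######################################
# Draw the firewall/SSH menu, read one choice and dispatch it.
# Globals:   USER, HOSTNAME (read); DD (written: the raw choice, left global
#            so the calling loop can inspect it)
# Arguments: none
# Outputs:   menu and prompts on stdout
# Returns:   status of the selected action
#######################################
ManagerFirewallMenu(){
  local today
  clear
  echo
  echo "-------------------------------------------------------------------------"
  tput cup 2
  today=$(date +"%Y-%m-%d")
  printf 'USER:%s\tHOST:%s\tdate:%s\n' "$USER" "$HOSTNAME" "$today"
  tput cup 3
  echo "-------------------------------------------------------------------------"
  tput cup 4 20
  echo -e "1:Enable Customize Firewall;"
  tput cup 5 20
  echo -e "2:Enable Publickey Authenticate;"
  tput cup 6 20
  echo -e "3:Quit;"
  tput cup 7
  echo "--------------------------------------------------------------------------"
  echo -n "You choice [1,2,3]:"
  read -r DD
  case "$DD" in
    1)
      CustomizeFirewall
      ;;
    2)
      PublickeyAuthenticate
      ;;
    *)
      echo "Quit"
      # Ends the caller's menu loop only on bash older than 4.4. Newer bash
      # resets loop state on function entry, so there this is a no-op with a
      # warning and the calling loop has to act on DD itself.
      break
      ;;
  esac
}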
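#######################################
# Keep showing the user-management menu until the operator leaves it.
# Globals:   BB (read: the choice ManageUserMenu stored)
# Arguments: none
# Returns:   0 once the menu was left
#######################################
ManageUser ()
{
  while true; do
    ManageUserMenu
    # ManageUserMenu signals "quit" with a break of its own, which reaches
    # this loop only on bash older than 4.4. Checking the stored choice here
    # ends the loop on every version, and on end of input (BB empty).
    case "${BB-}" in
      1|2|3|4) ;;
      *) break ;;
    esac
  done
}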
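#######################################
# Keep showing the service-management menu until the operator leaves it.
# Globals:   CC (read: the choice ManageServicesMenu stored)
# Arguments: none
# Returns:   0 once the menu was left
#######################################
ManageServices(){
  while true; do
    ManageServicesMenu
    # ManageServicesMenu signals "quit" with a break of its own, which reaches
    # this loop only on bash older than 4.4. Checking the stored choice here
    # ends the loop on every version, and on end of input (CC empty).
    case "${CC-}" in
      1|2|3) ;;
      *) break ;;
    esac
  done
}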
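#######################################
# Keep showing the firewall/SSH menu until the operator leaves it.
# Globals:   DD (read: the choice ManagerFirewallMenu stored)
# Arguments: none
# Returns:   0 once the menu was left
#######################################
ManageFirewall()
{
  while true; do
    ManagerFirewallMenu
    # ManagerFirewallMenu signals "quit" with a break of its own, which
    # reaches this loop only on bash older than 4.4. Checking the stored
    # choice here ends the loop on every version, and on end of input.
    case "${DD-}" in
      1|2) ;;
      *) break ;;
    esac
  done
}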
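#######################################
# Leave the program from the top-level menu.
# Globals:   none
# Arguments: none
# Outputs:   "Quit" on stdout
# Returns:   does not return; the shell exits with status 0
#######################################
Quit()
{
  echo "Quit"
  # A `break` here sits two function calls below the main loop and, since
  # bash 4.4, no longer reaches it, which leaves the menu with no way out.
  # The main loop is the last statement visible in the script, so exiting
  # has the same effect as ending that loop.
  exit 0
}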
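# Main loop: redraw the top-level menu until the operator leaves it.
while true; do
  MainMenu
  # Choices 1-5 come back for another round; anything else is "quit". The
  # check is made here because a `break` issued inside the called functions
  # no longer reaches this loop since bash 4.4, and because AA is empty once
  # stdin is closed, which would otherwise redraw the menu forever.
  case "${AA-}" in
    1|2|3|4|5) ;;
    *) break ;;
  esac
done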