1#!/bin/sh 2 3set -e 4set -u 5 6# Checking which firewall to use. 7UNAME=$(uname); 8FILE=""; 9 10if [ "X${UNAME}" = "XFreeBSD" ]; then 11 # Is ipfw enabled? 12 if grep 'firewall_enable="YES"' /etc/rc.conf >/dev/null 2>&1; then 13 # Firewall is IPFW 14 FILE="ipfw.sh"; 15 echo "IPFW"; 16 fi 17 18 # if pf enabled? 19 if grep 'pf_enable="YES"' /etc/rc.conf >/dev/null 2>&1; then 20 # Firewall is PF 21 FILE="pf.sh"; 22 echo "PF"; 23 fi 24 25# Darwin 26elif [ "X${UNAME}" = "XDarwin" ]; then 27 # Is pfctl present? 28 if which pfctl; then 29 echo "PF"; 30 FILE="pf.sh"; 31 else 32 echo "IPFW"; 33 FILE="ipfw_mac.sh"; 34 fi 35 36elif [ "X${UNAME}" = "XOpenBSD" ]; then 37 if grep 'pf_enable="YES"' /etc/rc.conf >/dev/null 2>&1; then 38 # Firewall is PF 39 FILE="pf.sh"; 40 echo "PF"; 41 fi 42fi 43 44# If file is set and execute flag is set 45if [ ! "X$FILE" = "X" ]; then 46 if [ $# -eq 1 ] && [ "X$1" = "Xexecute" ]; then 47 cp -pr ../active-response/firewall-drop.sh ../active-response/firewalls/default-firewall-drop.sh 48 cp -pr ../active-response/firewalls/$FILE ../active-response/firewall-drop.sh 49 fi 50fi 51 52exit 0; 53