|
|
|
|
@ -23,6 +23,17 @@ |
|
|
|
|
-o banner_service \ |
|
|
|
|
banner_service.go |
|
|
|
|
|
|
|
|
|
if [ $? -eq 0 ]; then |
|
|
|
|
/usr/bin/echo "Built Banner Service..." |
|
|
|
|
else |
|
|
|
|
/usr/bin/echo "Failed to compile Banner Service!" |
|
|
|
|
exit 1 |
|
|
|
|
fi |
|
|
|
|
|
|
|
|
|
if [ -f /etc/systemd/system/banner.service ]; then |
|
|
|
|
/usr/bin/sudo /usr/bin/systemctl disable --now banner.service |
|
|
|
|
fi |
|
|
|
|
|
|
|
|
|
/usr/bin/sudo /usr/bin/cp banner_service /usr/local/bin/ |
|
|
|
|
/usr/bin/sudo /usr/bin/chown root:bannersvc /usr/local/bin/banner_service |
|
|
|
|
/usr/bin/sudo /usr/bin/chmod 750 /usr/local/bin/banner_service |
|
|
|
|
@ -30,40 +41,44 @@ |
|
|
|
|
/usr/bin/echo "Set capabilities (for binding to port 9999 without root)" |
|
|
|
|
/usr/bin/sudo /usr/sbin/setcap 'cap_net_bind_service=+ep' /usr/local/bin/banner_service |
|
|
|
|
|
|
|
|
|
/usr/bin/echo "Copy over Service Files" |
|
|
|
|
/usr/bin/sudo /usr/bin/cp banner.service /etc/systemd/system/banner.service |
|
|
|
|
/usr/bin/sudo /usr/bin/chmod 644 /etc/systemd/system/banner.service |
|
|
|
|
/usr/bin/sudo /usr/bin/mkdir -p /etc/systemd/system/banner.service.d |
|
|
|
|
/usr/bin/sudo /usr/bin/cp seccomp.conf /etc/systemd/system/banner.service.d/seccomp.conf |
|
|
|
|
/usr/bin/sudo /usr/bin/chmod 644 /etc/systemd/system/banner.service |
|
|
|
|
|
|
|
|
|
/usr/bin/echo "Enable the service for Banner" |
|
|
|
|
/usr/bin/sudo /usr/bin/systemctl daemon-reload |
|
|
|
|
/usr/bin/sudo /usr/bin/systemctl enable --now banner.service |
|
|
|
|
if [ ! -f /etc/systemd/system/banner.service ]; then |
|
|
|
|
/usr/bin/echo "Copy over Service Files" |
|
|
|
|
/usr/bin/sudo /usr/bin/cp banner.service /etc/systemd/system/banner.service |
|
|
|
|
/usr/bin/sudo /usr/bin/chmod 644 /etc/systemd/system/banner.service |
|
|
|
|
/usr/bin/sudo /usr/bin/mkdir -p /etc/systemd/system/banner.service.d |
|
|
|
|
/usr/bin/sudo /usr/bin/cp seccomp.conf /etc/systemd/system/banner.service.d/seccomp.conf |
|
|
|
|
/usr/bin/sudo /usr/bin/chmod 644 /etc/systemd/system/banner.service |
|
|
|
|
/usr/bin/echo "Enable the service for Banner" |
|
|
|
|
/usr/bin/sudo /usr/bin/systemctl daemon-reload |
|
|
|
|
/usr/bin/sudo /usr/bin/systemctl enable --now banner.service |
|
|
|
|
fi |
|
|
|
|
|
|
|
|
|
/usr/bin/echo "Create the service account for synfirewall" |
|
|
|
|
sudo groupadd synfirewall |
|
|
|
|
sudo useradd -r -g synfirewall -s /usr/sbin/nologin \ |
|
|
|
|
-d /var/lib/syn-firewall -c "SYN Scan Firewall" synfirewall |
|
|
|
|
|
|
|
|
|
/usr/bin/echo "Making config.yaml" |
|
|
|
|
/usr/bin/sudo /usr/bin/mkdir -p /etc/SYN-Scan-Firewall |
|
|
|
|
/usr/bin/sudo /usr/bin/chown synfirewall:synfirewall /etc/SYN-Scan-Firewall |
|
|
|
|
/usr/bin/sudo /usr/bin/chmod 750 /etc/SYN-Scan-Firewall |
|
|
|
|
/usr/bin/sudo /usr/bin/cp config-example.yaml /etc/SYN-Scan-Firewall/config.yaml |
|
|
|
|
/usr/bin/sudo /usr/bin/chmod 640 /etc/SYN-Scan-Firewall/config.yaml |
|
|
|
|
/usr/bin/sudo /usr/bin/nano /etc/SYN-Scan-Firewall/config.yaml |
|
|
|
|
|
|
|
|
|
if [ ! -f /etc/SYN-Scan-Firewall/config.yaml ]; then |
|
|
|
|
/usr/bin/echo "Making config.yaml" |
|
|
|
|
/usr/bin/sudo /usr/bin/mkdir -p /etc/SYN-Scan-Firewall |
|
|
|
|
/usr/bin/sudo /usr/bin/chown synfirewall:synfirewall /etc/SYN-Scan-Firewall |
|
|
|
|
/usr/bin/sudo /usr/bin/chmod 750 /etc/SYN-Scan-Firewall |
|
|
|
|
/usr/bin/sudo /usr/bin/cp config-example.yaml /etc/SYN-Scan-Firewall/config.yaml |
|
|
|
|
/usr/bin/sudo /usr/bin/chmod 640 /etc/SYN-Scan-Firewall/config.yaml |
|
|
|
|
/usr/bin/sudo /usr/bin/nano /etc/SYN-Scan-Firewall/config.yaml |
|
|
|
|
fi |
|
|
|
|
/usr/bin/echo "Making lib dir..." |
|
|
|
|
/usr/bin/sudo /usr/bin/mkdir -p /var/lib/syn-firewall |
|
|
|
|
/usr/bin/sudo /usr/bin/chown synfirewall:synfirewall /var/lib/syn-firewall |
|
|
|
|
/usr/bin/sudo /usr/bin/chmod 750 /var/lib/syn-firewall |
|
|
|
|
./reBuild.sh |
|
|
|
|
|
|
|
|
|
/usr/bin/echo "Copy over Service Files for SYN-Scan-Firewall" |
|
|
|
|
/usr/bin/sudo /usr/bin/cp SYN-Scan-Firewall.service /etc/systemd/system/ |
|
|
|
|
/usr/bin/sudo /usr/bin/chmod 644 /etc/systemd/system/SYN-Scan-Firewall.service |
|
|
|
|
|
|
|
|
|
if [ ! -f /etc/systemd/system/SYN-Scan-Firewall.service]; then |
|
|
|
|
/usr/bin/echo "Copy over Service Files for SYN-Scan-Firewall" |
|
|
|
|
/usr/bin/sudo /usr/bin/cp SYN-Scan-Firewall.service /etc/systemd/system/ |
|
|
|
|
/usr/bin/sudo /usr/bin/chmod 644 /etc/systemd/system/SYN-Scan-Firewall.service |
|
|
|
|
fi |
|
|
|
|
if [ ! -f /etc/apparmor.d/usr.local.bin.SYN-Scan-Firewall |
|
|
|
|
/usr/bin/echo "Adding AppArmor policy file..." |
|
|
|
|
/usr/bin/sudo /usr/bin/cp AppArmor.policy /etc/apparmor.d/usr.local.bin.SYN-Scan-Firewall |
|
|
|
|
|
|
|
|
|
|
Robert
7 months ago