diff --git a/.gitignore b/.gitignore new file mode 100644 index 0000000..d5f6004 --- /dev/null +++ b/.gitignore @@ -0,0 +1,2 @@ +banner_service +SYN-Scan-Firewall diff --git a/SYN-Scan-Firewall b/SYN-Scan-Firewall deleted file mode 100755 index d60a8fe..0000000 Binary files a/SYN-Scan-Firewall and /dev/null differ diff --git a/banner_service b/banner_service deleted file mode 100755 index 72bb930..0000000 Binary files a/banner_service and /dev/null differ diff --git a/install.sh b/install.sh index f01f130..6931193 100755 --- a/install.sh +++ b/install.sh @@ -51,13 +51,13 @@ sudo useradd -r -g synfirewall -s /usr/sbin/nologin \ /usr/bin/sudo /usr/bin/chown synfirewall:synfirewall /etc/SYN-Scan-Firewall /usr/bin/sudo /usr/bin/chmod 750 /etc/SYN-Scan-Firewall /usr/bin/sudo /usr/bin/cp config-example.yaml /etc/SYN-Scan-Firewall/config.yaml -/usr/bin/chmod 640 /etc/SYN-Scan-Firewall/config.yaml +/usr/bin/sudo /usr/bin/chmod 640 /etc/SYN-Scan-Firewall/config.yaml /usr/bin/sudo /usr/bin/nano /etc/SYN-Scan-Firewall/config.yaml /usr/bin/echo "Making lib dir..." -sudo mkdir -p /var/lib/syn-firewall -sudo chown synfirewall:synfirewall /var/lib/syn-firewall -sudo chmod 750 /var/lib/syn-firewall +/usr/bin/sudo /usr/bin/mkdir -p /var/lib/syn-firewall +/usr/bin/sudo /usr/bin/chown synfirewall:synfirewall /var/lib/syn-firewall +/usr/bin/sudo /usr/bin/chmod 750 /var/lib/syn-firewall ./reBuild.sh /usr/bin/echo "Copy over Service Files for SYN-Scan-Firewall" diff --git a/reBuild.sh b/reBuild.sh index d1493a6..54d47ad 100755 --- a/reBuild.sh +++ b/reBuild.sh @@ -1,6 +1,14 @@ #!/bin/bash /usr/bin/echo "Building SYN-Scan-Firewall..." -go build -buildmode=pie -ldflags="-s -w -extldflags=-z,now,-z,relro" -tags=netgo -o SYN-Scan-Firewall SYN-Scan-Firewall.go + +# Build with hardening +go build \ + -trimpath \ + -buildmode=pie \ + -ldflags="-s -w" \ + -tags="netgo osusergo" \ + -o SYN-Scan-Firewall \ + SYN-Scan-Firewall.go /usr/bin/echo "Setting up local bin..." /usr/bin/sudo /usr/bin/cp SYN-Scan-Firewall /usr/local/bin/