Gecko [ www.omxrelocation.in ]

Name	Size	Permission
check-detached.py	1.11 KB	-rwxr-xr-x
check_recurrent.py	1.85 KB	-rwxr-xr-x
create_default_config	1.23 KB	-rwxr-xr-x
csf_tool	2.75 KB	-rwxr--r--
delay_on_cron_call.py	1.12 KB	-rwxr-xr-x
disable_3rd_party_ids	1.01 KB	-rwxr--r--
imunify-disable-cpu-accounting...	792 B	-rwxr--r--
imunify-doctor.sh	17.1 KB	-rwxr--r--
imunify-force-update.sh	3.16 KB	-rwxr--r--
lfd_block.py	2.96 KB	-rwxr--r--
mk_apache_conf_digest.pl	3.55 KB	-rwxr--r--
purge-clamav	535 B	-rwxr-xr-x
remove_hardened_php.py	3.59 KB	-rwxr-xr-x
rules_checker.py	10.8 KB	-rwxr-xr-x
send-notifications	7.01 KB	-rwsrwx---
setup_cagefs.py	3.72 KB	-rwx------
track-fpfn-submissions.sh	3.8 KB	-rwxr-xr-x
update_components_versions.py	4.46 KB	-rwxr-xr-x
whitelist_cache.py	1.46 KB	-rwxr-xr-x

Code Editor : csf_tool

#!/bin/bash
#
# This script exit codes
# 0 means OK
# 1 some error or csf is not installed
#

function is_csf_installed {
  if which csf >/dev/null 2>&1; then
    echo "csf is installed"
    return 0
  else
    echo "csf is not installed"
    return 1
  fi
}

function enable_csf {
  systemctl start csf
  systemctl start lfd
  csf --enable # add csf to autostart
}

function disable_csf {
  systemctl stop csf
  systemctl stop lfd
  csf --disable # remove csf from autostart
}

function edit_allow_list {
    FILE=$1
    mapfile -t ip_comment < $FILE
    if [ "$2" = "remove" ] ; then
        for instance in "${ip_comment[@]}"
            do
                IFS=';' read -r ip comment <<< $instance
                    if [ ! -z $ip ]; then
                        sed -i "/$ip/d" /etc/csf/csf.allow
                        local rc=$?
                        test $rc = 0 || return $rc
                    fi
            done
        # remove imunify360 whitelist file
        sed -i "/imunify360.txt/d" /etc/csf/csf.allow
        sed -i "/^# csf_tool/d" /etc/csf/csf.allow
        remove_bins_from_pignore
    fi
    if [ "$2" = "add" ] ; then
        add_bins_to_pignore
        echo $'\n# csf_tool: ' >> /etc/csf/csf.allow
        for instance in "${ip_comment[@]}"
            do
                echo $instance
                    IFS=';' read -r ip comment <<< $instance
                    local out=`csf --add $ip "$comment" 2>&1`
                    local rc=$?
                    test $rc = 0 || return $rc
            done
    fi
}
BINS_TO_IGNORE="exe:/var/ossec/bin/ossec-monitord \
                exe:/var/ossec/bin/ossec-analysisd\
                exe:/var/ossec/bin/ossec-remoted"
ignore_file=/etc/csf/csf.pignore

function remove_bins_from_pignore {
  for exe in $BINS_TO_IGNORE; do
    sed -i "\|${exe}|d" $ignore_file
  done
}

function add_bins_to_pignore {

should_restart=false

for exe in $BINS_TO_IGNORE; do
        if ! grep -q $exe $ignore_file ; then
            echo "$exe" >> $ignore_file
            should_restart=true
        fi
    done

if $should_restart; then
        echo 'Restarting CSF to apply pignore changes'
        csf --restartall > /dev/null
    fi
}

if [ "$1" = "" ] ; then
    echo "Usage: $0 enable/disable/status/coop_install"
    exit 1
fi
if [ "$1" = "status" ] ; then
    is_csf_installed
    exit $?
fi
if [ "$1" = "enable" ]
then
    is_csf_installed >/dev/null || exit 1
    enable_csf
    exit $?
fi
if [ "$1" = "disable" ]
then
    is_csf_installed >/dev/null || exit 1
    disable_csf
    exit $?
fi
if [ "$1" = "coop_install" ]
then
    is_csf_installed >/dev/null || exit 1
    edit_allow_list /etc/csf/imunify_allow.conf add
    exit $?
fi
if [ "$1" = "remove" ]
then
    edit_allow_list /etc/csf/imunify_allow.conf remove
    exit $?
fi

${this.title}

Code Editor : csf_tool