Add TCPShield Script

README.md

@@ -1,7 +1,17 @@
 # Cloudflare IPWhitelist
 Whitelist CloudFlare's IPs on port your selection of ports <br />
 This script supports Fedora, RHEL, CentOS, Debian,and Ubuntu. <br>
-`bash <(curl -sSL https://raw.githubusercontent.com/tommytran732/Cloudflare-IPWhitelist/master/cloudflare.sh)`
+`bash <(curl -sSL https://raw.githubusercontent.com/tommytran732/Firewall-IPWhitelist/master/cloudflare.sh)`
+
+# Cloudflare IPWhitelist for VMmanager
+Whitelist CloudFlare's IPs on port your selection of ports <br />
+This script supports Fedora, RHEL, CentOS, Debian,and Ubuntu. <br>
+`bash <(curl -sSL https://raw.githubusercontent.com/tommytran732/Firewall-IPWhitelist/master/cloudflare-vmmanager.sh)`
+
+# TCPShield-IPWhitelist
+Whitelist TCPShield's IPs on your selection of ports <br />
+This script supports Fedora, RHEL, CentOS, Debian,and Ubuntu. <br>
+`bash <(curl -sSL https://raw.githubusercontent.com/tommytran732/Firewall-IPWhitelist/master/tcpshield.sh)`
 
 # Notes
 Before you run the script, makes sure you have not opened those ports to all IPs as it will make this script useless. <br />

tcpshield.sh

@@ -0,0 +1,81 @@
+#!/bin/bash
+
+output(){
+    echo -e '\e[36m'$1'\e[0m';
+}
+
+get_ports(){
+    read -a ports
+
+    if [[ $ports = "" ]]; then
+      output "You cannot put in an empty list of ports! Try again:"
+      get_ports
+    fi
+}
+
+output "TCPShield IPWhitelist Script"
+output "Copyright © 2020 Thien Tran <contact@thientran.io>."
+output "Support: https://thientran.io/discord"
+output ""
+
+output "Enter the list of ports you want opened, separated by a space."
+output "For example, if you want to open port 25565-25570, type: "
+output "25565 25566 25567 25568 25569 25570"
+
+get_ports
+
+if [ -r /etc/os-release ]; then
+    lsb_dist="$(. /etc/os-release && echo "$ID")"
+fi
+
+if [ -r /etc/os-release ]; then
+   lsb_dist="$(. /etc/os-release && echo "$ID")"
+   dist_version="$(. /etc/os-release && echo "$VERSION_ID")"
+else
+   output "Unsupported Distribution! Only RHEL, CentOS, Fedora, Ubuntu, and Debian are supported!" 
+   exit 1
+fi
+
+if [ "$lsb_dist" = "rhel" ]; then
+   output "OS: Red Hat Enterprise Linux $dist_version detected."
+else
+   output "OS: $lsb_dist $dist_version detected."
+fi
+
+if [ "$lsb_dist" =  "ubuntu" ] || [ "$lsb_dist" =  "debian" ]; then
+     apt -y install ufw wget
+     # Opening Port 22 just in case so that we do not lose the internet connection when the rules are applied.
+     ufw allow 22
+     wget https://tcpshield.com/v4
+     
+     for ips in `cat v4`;
+     do
+        for port in "${ports[@]}";
+        do
+          ufw allow from $ips to any proto tcp port $port
+        done
+     done    
+     yes | ufw enable
+elif [ "$lsb_dist" =  "fedora" ] || [ "$lsb_dist" =  "rhel" ] || [ "$lsb_dist" =  "centos" ] || [ "$lsb_dist" =  "opensuse" ]; then
+     if [ "$lsb_dist" =  "fedora" ] || [ "$lsb_dist" =  "rhel" ] || [ "$lsb_dist" =  "centos" ]; then
+        yum -y install firewalld wget
+     elif [ "$lsb_dist" =  "opensuse" ]; then
+        zypper in firewalld wget -y
+     fi
+     wget https://tcpshield.com/v4
+     for ips in `cat v4`;
+     do
+        for port in "${ports[@]}";
+        do
+          firewall-cmd --permanent --add-rich-rule='rule family="ipv4" source address='"$ips"' port port='"$port"' protocol="tcp" accept'
+        done
+     done
+     firewall-cmd --reload
+else 
+     output "Unsupported distribution. This script only supports Fedora, RHEL, CentOS, Ubuntu, and Debian."
+     exit 1
+fi 
+
+rm v4
+
+output "Configuration finished!"