From 5a67cbc752032332abe90263019ab6c86b73993b Mon Sep 17 00:00:00 2001 From: TommyTran732 <57488583+tommytran732@users.noreply.github.com> Date: Fri, 1 May 2020 23:16:48 -0400 Subject: [PATCH] Add support for an array of ports --- cloudflare.sh | 45 +++++++++++++++++++++++++++++++++++++-------- 1 file changed, 37 insertions(+), 8 deletions(-) diff --git a/cloudflare.sh b/cloudflare.sh index ba33360..084e104 100644 --- a/cloudflare.sh +++ b/cloudflare.sh @@ -4,15 +4,38 @@ output(){ echo -e '\e[36m'$1'\e[0m'; } +get_ports(){ + read -a ports + + if [[ $ports = "" ]]; then + output "You cannot put in an empty list of ports! Try again:" + get_ports + fi +} + output "Cloudflare IPWhitelist Script" output "Copyright © 2020 Thien Tran ." output "Support: https://thientran.io/discord" output "" +output "Enter the list of ports you want opened, separated by a space." +output "For example, if you want to open port 80, 443 and 8443, type: " +output "80 443 8443" + +get_ports + if [ -r /etc/os-release ]; then lsb_dist="$(. /etc/os-release && echo "$ID")" fi +if [ -r /etc/os-release ]; then + lsb_dist="$(. /etc/os-release && echo "$ID")" + dist_version="$(. /etc/os-release && echo "$VERSION_ID")" +else + output "Unsupported Distribution! Only RHEL, CentOS, Fedora, Ubuntu, and Debian are supported!" + exit 1 +fi + if [ "$lsb_dist" = "ubuntu" ] || [ "$lsb_dist" = "debian" ]; then apt -y install ufw wget # Opening Port 22 just in case so that we do not lose the internet connection when the rules are applied. 
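Review bot: `get_ports` accepts whatever is typed: the check `[[ $ports = "" ]]` looks only at the first array element, and no entry is verified to be a number between 1 and 65535 before it is used in `ufw allow ... port $port` and in the firewalld rich rules in the later hunks. Because these values become firewall rules, a typo or a list/range expression would be passed through and could open more than intended, so each entry should be validated and the prompt repeated otherwise. The retry is also done by recursion, and `read` fails at end of input, so a closed or non-interactive stdin would apparently recurse without end; a loop with an explicit EOF exit avoids that, and `read -r` keeps backslashes literal. A sketch of the function follows.

```shell
get_ports(){
    local port
    while true; do
        # read returns non-zero at end of input; stop instead of retrying forever
        if ! read -r -a ports && [ "${#ports[@]}" -eq 0 ]; then
            output "No ports were provided."
            exit 1
        fi

        if [ "${#ports[@]}" -eq 0 ]; then
            output "You cannot put in an empty list of ports! Try again:"
            continue
        fi

        for port in "${ports[@]}"; do
            # digits only, then a base-10 range check (10# avoids octal parsing of 080)
            if ! [[ $port =~ ^[0-9]{1,5}$ ]] || (( 10#$port < 1 || 10#$port > 65535 )); then
                output "Ports must be numbers between 1 and 65535! Try again:"
                continue 2
            fi
        done
        return 0
    done
}
```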
@@ -22,14 +45,16 @@ if [ "$lsb_dist" = "ubuntu" ] || [ "$lsb_dist" = "debian" ]; then for ips in `cat ips-v4`; do - ufw allow from $ips to any proto tcp port 80 - ufw allow from $ips to any proto tcp port 443 + for port in "${ports[@]}"; + ufw allow from $ips to any proto tcp port $port + done done for ips in `cat ips-v6`; do - ufw allow from $ips to any proto tcp port 80 - ufw allow from $ips to any proto tcp port 443 + for port in "${ports[@]}"; + ufw allow from $ips to any proto tcp port $port + done done yes | ufw enable @@ -39,14 +64,18 @@ elif [ "$lsb_dist" = "fedora" ] || [ "$lsb_dist" = "rhel" ] || [ "$lsb_dist" = wget https://www.cloudflare.com/ips-v6 for ips in `cat ips-v4`; do - firewall-cmd --permanent --add-rich-rule='rule family="ipv4" source address='"$ips"' port port="80" protocol="tcp" accept' - firewall-cmd --permanent --add-rich-rule='rule family="ipv4" source address='"$ips"' port port="443" protocol="tcp" accept' + for port in "${ports[@]}"; + do + firewall-cmd --permanent --add-rich-rule='rule family="ipv4" source address='"$ips"' port port='"$port"' protocol="tcp" accept' + done done for ips in `cat ips-v6`; do - firewall-cmd --permanent --add-rich-rule='rule family="ipv6" source address='"$ips"' port port="80" protocol="tcp" accept' - firewall-cmd --permanent --add-rich-rule='rule family="ipv6" source address='"$ips"' port port="443" protocol="tcp" accept' + for port in "${ports[@]}"; + do + firewall-cmd --permanent --add-rich-rule='rule family="ipv6" source address='"$ips"' port port='"$port"' protocol="tcp" accept' + done done firewall-cmd --reload else
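Review bot: The inner loops added in the ufw branch have no `do`: `for port in "${ports[@]}";` is followed directly by the `ufw allow` line and then `done`, in both the ips-v4 and the ips-v6 loop. Bash should reject this with a syntax error when it parses the distribution `if` block, so no rules would be applied on any distribution. Add a `do` line after each `for port in "${ports[@]}";`, as the firewalld branch in the next hunk already does. The new rule line would also be safer with its expansions quoted, `ufw allow from "$ips" to any proto tcp port "$port"`. The enclosing `if` starts before this hunk.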
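Review bot: The rewritten rich rules drop the double quotes around the port value: the removed lines produced `port="80"`, while `port port='"$port"'` now yields an unquoted `port=<value>` in both the ipv4 and the ipv6 rule. Writing it as `port port="'"$port"'" protocol="tcp" accept'` matches the other attributes in the same rule (`family="ipv4"`, `protocol="tcp"`) and the form the removed lines used. The value comes straight from the prompt, so this is worth pairing with validation of each port before the loop runs. The enclosing `elif` branch starts before this hunk and the `else` branch continues after it.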