-
Notifications
You must be signed in to change notification settings - Fork 0
/
519.pf.trusted.home
34 lines (30 loc) · 1.3 KB
/
519.pf.trusted.home
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
#!/bin/sh
# 519.pf.trusted.home v1.03
if [ -r /etc/defaults/periodic.conf ]; then
. /etc/defaults/periodic.conf
source_periodic_confs
fi
: ${pf_trusted_home_enable="NO"}
: ${pf_trusted_home_host=""}
case "$pf_trusted_home_enable" in [Yy][Ee][Ss])
ipcurrent=$(host -W 10 ${pf_trusted_home_host} | grep 'has address' | /usr/bin/awk '{print $4}' | egrep '[[:digit:]]{1,3}\.[[:digit:]]{1,3}\.[[:digit:]]{1,3}\.[[:digit:]]{1,3}')
if [ ! -z $ipcurrent ]; then
if [ ! -f /etc/pf.trusted-hosts-home ]; then
touch /etc/pf.trusted-hosts-home
fi
ipold=$(egrep '[[:digit:]]{1,3}\.[[:digit:]]{1,3}\.[[:digit:]]{1,3}\.[[:digit:]]{1,3}' /etc/pf.trusted-hosts-home)
if [ ! -z $ipold ]; then
if [ $ipcurrent != $ipold ]; then
pfctl -q -t TRUSTED-HOSTS -T delete $ipold
pfctl -q -t TRUSTED-HOSTS -T add $ipcurrent
echo $ipcurrent > /etc/pf.trusted-hosts-home
fi
else
pfctl -q -t TRUSTED-HOSTS -T add $ipcurrent
echo $ipcurrent > /etc/pf.trusted-hosts-home
fi
fi
;;
*) rc=0;;
esac
exit $rc