Complete adding support for SIP firewall whitelist

author Andy Witter <awitter@georgialibraries.org>

Tue, 9 Apr 2019 18:17:00 +0000 (14:17 -0400)

committer Andy Witter <awitter@georgialibraries.org>

Tue, 9 Apr 2019 18:17:00 +0000 (14:17 -0400)
author Andy Witter <awitter@georgialibraries.org>
Tue, 9 Apr 2019 18:17:00 +0000 (14:17 -0400)
committer Andy Witter <awitter@georgialibraries.org>
Tue, 9 Apr 2019 18:17:00 +0000 (14:17 -0400)
diff --git a/GenaSYS.sh b/GenaSYS.sh

index 5230e7e..969ba18 100755 (executable)
--- a/GenaSYS.sh
+++ b/GenaSYS.sh
@@ -25,8 +25,8 @@
      PURPOSE_="Generate config files needed for Evergreen-ILS Cluster"
     SYNOPSIS_="$NAME_"
     REQUIRES_="standard GNU commands, apt, dpkg"
-    VERSION_="1.97"
-       DATE_="2010-11-23; last update: 2019-04-08"
+    VERSION_="1.98"
+       DATE_="2010-11-23; last update: 2019-04-09"
       AUTHOR_="Andy Witter <awitter@georgialibraries.org>"
          URL_="http://evergreen-ils.org"
     CATEGORY_="devel"
@@ -62,6 +62,7 @@ PRIVATENET="$DEFAULT_PRIVATE_NET"
  ORIGIN_PRIVATENET="$PRIVATENET"
  OSRF_USERNAME="opensrf"
  DB_USERNAME="evergreen"
+SIP_FW_WHITELIST_FILE="sip_whitelist.fw"
  #DRONECOUNT="2"
  TMPFOLDER="/tmp/GenaSYS"
  TMPHOSTS="${TMPFOLDER}/tmphost.txt"
@@ -280,6 +281,14 @@ echo
  echo -e ${COL_BR_CYAN}"7 __SIP Customized Locale Support:"${COL_RESET}
  echo -e "If you are using customized locales then please copy the files"
  echo -e "ending in .po into the${COL_YELLOW} "${CUSTOMDIR}" ${COL_RESET} directory. eg. es-ES.po."
+sleep 0.1
+echo
+echo -e ${COL_BLUE}"8 __SIP firewall whitelist support:"${COL_RESET} ${COL_BR_YELLOW}"***NEW***"${COL_RESET}
+echo -e "If you want to restrict access to the SIP server from"
+echo -e "clients in a whitelist then add the file sip_whitelist.fw"
+echo -e "with the list of single IPs or ranges one per line"
+echo -e "to the"${COL_YELLOW} "${CUSTOMDIR}" ${COL_RESET} directory.
+
  sleep 3
  echo
  echo -e "Press ${COL_BR_CYAN}[Enter]${COL_RESET} to continue or ${COL_BR_CYAN}[Ctrl-C]${COL_RESET} to quit now" 
@@ -1631,8 +1640,16 @@ for LVS in $MACHINES_LVS_ONLY
          cp -f "$TEMPLATEDIR/lvs/ntp.conf" "$OUTDIR/$LVS/etc"
          cp -f "$TEMPLATEDIR/lvs/resolv.conf" "$OUTDIR/$LVS/etc"
          cp -f "$TEMPLATEDIR/lvs/main.cf" "$OUTDIR/$LVS/etc/postfix"
-
-
+       if [ -e "$CUSTOMDIR/${SIP_FW_WHITELIST_FILE}" ] 
+       then
+               echo
+               echo -e ${COL_GREEN}"Using SIP firewall whitelist found in ${CUSTOMDIR}"${COL_RESET}
+               sleep 2
+               cp -f "${CUSTOMDIR}/${SIP_FW_WHITELIST_FILE}" "$OUTDIR/$LVS/etc/network"
+       else
+               echo -e ${COL_BR_RED}"sip_whitelist.fw NOT FOUND in ${CUSTOMDIR}"${COL_RESET}
+               sleep 2
+       fi
         sed -i "s^CLUSTER_DOMAIN_NAME^$CLUSTERDOMAINNAME^g" "$OUTDIR/$LVS/etc/resolv.conf"
         sed -i "s^HostName^$LVS^g" "$OUTDIR/$LVS/etc/postfix/main.cf"
         sed -i "s^ClusterDomainName^$CLUSTERDOMAINNAME^g" "$OUTDIR/$LVS/etc/postfix/main.cf"
author	Andy Witter <awitter@georgialibraries.org>
	Tue, 9 Apr 2019 18:17:00 +0000 (14:17 -0400)
committer	Andy Witter <awitter@georgialibraries.org>
	Tue, 9 Apr 2019 18:17:00 +0000 (14:17 -0400)