Skip to content

Commit

Permalink
Added support for defaults
Browse files Browse the repository at this point in the history
  • Loading branch information
@seud0nym
seud0nym committed Aug 18, 2021
1 parent 46ad8fd commit 01e7468
Show file tree
Hide file tree
Showing 2 changed files with 104 additions and 88 deletions.
158 changes: 83 additions & 75 deletions utilities/de-telstra
View file
Original file line number Diff line number Diff line change
Expand Up @@ -104,7 +104,90 @@ upgrade() {
exit
}

# Options
set_defaults() {
ALG='u'
ALG_LAN='u'
DECT='u'
DLNAD='u'
DOMAIN='u'
DUMAOS='u'
GUEST='y'
HOST='u'
LITE='n'
MMPBX='u'
MULTIAP='u'
NFC='u'
NS='u'
OPKG='n'
POWER='u'
PRNTR='u'
ROOT_PROTECT='u'
SAMBA='u'
SUPERVISION='u'
UPNP='u'
WPS='u'
# Overrides
AIR='n'
CWMP='n'
KEYS='n'
MONITORING='n'
NTP='n'
NOEXEC='n'
}

set_defaults
if [ -f .defaults.de-telstra ]; then
. ./.defaults.de-telstra
fi

while getopts :a:b:c:d:e:f:g:h:k:m:n:op:q:r:s:t:u:w:AF:GMRSU-: option
do
case "${option}" in
-) case "${OPTARG}" in no-defaults) set_defaults;; *) usage;; esac;;
a) case "${OPTARG}" in y) ALG='1';; n) ALG='0';; u) ALG='u';; *) ALG='u'; echo 'ERROR: -a valid options are y, n, or u'; exit 1;; esac;;
b) case "${OPTARG}" in y) ALG_LAN='1';; n) ALG_LAN='0';; u) ALG_LAN='u';; *) ALG_LAN='u'; echo 'ERROR: -b valid options are y, n, or u'; exit 1;; esac;;
c) case "${OPTARG}" in y) DLNAD='1';; n) DLNAD='0';; u) DLNAD='u';; *) DLNAD='u'; echo 'ERROR: -c valid options are y, n, or u'; exit 1;; esac;;
d) case "${OPTARG}" in g|G) DOMAIN='gateway';; l|L) DOMAIN='lan';; u) DOMAIN='u';; *) DOMAIN="${OPTARG}";; esac;;
e) case "${OPTARG}" in y) DECT='1';; n) DECT='0';; u) DECT='u';; *) DECT='u'; echo 'ERROR: -e valid options are y, n, or u'; exit 1;; esac;;
f) case "${OPTARG}" in y) SAMBA='1';; n) SAMBA='0';; u) SAMBA='u';; *) SAMBA='u'; echo 'ERROR: -f valid options are y, n, or u'; exit 1;; esac;;
g) case "${OPTARG}" in y) DUMAOS='1';; n) DUMAOS='0';; u) DUMAOS='u';; *) DUMAOS='u'; echo 'ERROR: -g valid options are y, n, or u'; exit 1;; esac;;
h) HOST=${OPTARG};;
k) case "${OPTARG}" in k) KEYS='y';; c) CWMP='y';; m) MONITORING='y';; a) AIR='y';; n) NTP='y';; s) SUPERVISION='BFD';; x) NOEXEC='y';; T) KEYS='y'; CWMP='y'; MONITORING='y'; AIR='y'; NTP='y'; SUPERVISION='BFD'; NOEXEC='y';; *) echo "ERROR: Unknown override option $OPTARG"; exit 1;; esac;;
m) case "${OPTARG}" in y) MULTIAP='1';; n) MULTIAP='0';; u) MULTIAP='u';; *) MULTIAP='u'; echo 'ERROR: -m valid options are y, n, or u'; exit 1;; esac;;
n) NS=${OPTARG};;
o) OPKG='y';;
p) case "${OPTARG}" in y) POWER='y';; n) POWER='n';; u) POWER='u';; d) POWER='d';; *) POWER='u'; echo 'ERROR: -p valid options are y, n, u or d'; exit 1;; esac;;
q) case "${OPTARG}" in y) NFC='1';; n) NFC='0';; u) NFC='u';; *) NFC='u'; echo 'ERROR: -q valid options are y, n, or u'; exit 1;; esac;;
r) case "${OPTARG}" in y) PRNTR='1';; n) PRNTR='0';; u) PRNTR='u';; *) PRNTR='u'; echo 'ERROR: -r valid options are y, n, or u'; exit 1;; esac;;
s) case "${OPTARG}" in d) SUPERVISION='BFD';; d) SUPERVISION='DNS';; n) SUPERVISION='Disabled';; u) SUPERVISION='u';; *) SUPERVISION='u'; echo 'ERROR: -s valid options are b, d, n, or u'; exit 1;; esac;;
t) case "${OPTARG}" in y) MMPBX='1';; n) MMPBX='0';; u) MMPBX='u';; *) MMPBX='u'; echo 'ERROR: -t valid options are y, n, or u'; exit 1;; esac;;
u) case "${OPTARG}" in y) UPNP='1';; n) UPNP='0';; u) UPNP='u';; *) UPNP='u'; echo 'ERROR: -u valid options are y, n, or u'; exit 1;; esac;;
w) case "${OPTARG}" in y) WPS='1';; n) WPS='0';; u) WPS='u';; *) WPS='u'; echo 'ERROR: -w valid options are y, n, or u'; exit 1;; esac;;
A) HOST='d'; DOMAIN='gateway'; ALG='0'; DLNAD='0'; SAMBA='0'; PRNTR='0'; UPNP='0'; WPS='0'; ROOT_PROTECT='1'; SUPERVISION='DNS';;
F) case "${OPTARG}" in y) ROOT_PROTECT='1';; n) ROOT_PROTECT='0';; u) ROOT_PROTECT='u';; *) ROOT_PROTECT='u'; echo 'ERROR: -F valid options are y, n, or u'; exit 1;; esac;;
G) GUEST='n';;
M) LITE='y'; ALG='0'; DECT='0'; DLNAD='0'; DUMAOS='0'; MMPBX='0'; MULTIAP='0'; NFC='0'; PRNTR='0'; SAMBA='0'; UPNP='0'; WPS='0'; ROOT_PROTECT='1';;
R) LITE='R'; HOST='mymodem'; DOMAIN='modem'; NS='a'; ALG='1'; DLNAD='1'; DUMAOS='0'; SAMBA='1'; MULTIAP='1'; POWER='d'; PRNTR='1'; MMPBX='1'; DECT='1'; UPNP='1'; ROOT_PROTECT='0'; NFC='y'; SUPERVISION='BFD';;
S) HOST='s'; DOMAIN='gateway'; ALG='0'; DLNAD='0'; SAMBA='0'; PRNTR='0'; UPNP='0'; WPS='0'; ROOT_PROTECT='1'; SUPERVISION='DNS';;
U) upgrade;;
?) usage;;
esac
done

status2text() {
if [ "$1" = "0" ]; then
echo Disabled
else
echo Enabled
fi
}

VERSION=$(uci get version.@version[0].marketing_version)
VARIANT=$(uci -q get env.var.variant_friendly_name | sed -e 's/TLS//')
MAC_HEX=$(uci -q get env.var.ssid_mac_postfix_r0)

PACKAGES_TO_REMOVE=""

# Keep count of changes so we know whether to restart services
SRV_bulkdata=0
Expand Down Expand Up @@ -149,81 +232,6 @@ else
SRV_nfc=-1
fi

PACKAGES_TO_REMOVE=""

# Options
VARIANT=$(uci -q get env.var.variant_friendly_name | sed -e 's/TLS//')
MAC_HEX=$(uci -q get env.var.ssid_mac_postfix_r0)
ALG='u'
ALG_LAN='u'
DECT='u'
DLNAD='u'
DOMAIN='u'
DUMAOS='u'
GUEST='y'
HOST='u'
LITE='n'
MMPBX='u'
MULTIAP='u'
NFC='u'
NS='u'
OPKG='n'
POWER='u'
PRNTR='u'
ROOT_PROTECT='u'
SAMBA='u'
SUPERVISION='u'
UPNP='u'
WPS='u'
# Overrides
AIR='n'
CWMP='n'
KEYS='n'
MONITORING='n'
NTP='n'
NOEXEC='n'

while getopts :a:b:c:d:e:f:g:h:k:m:n:op:q:r:s:t:u:w:AF:GMRSU option
do
case "${option}" in
a) case "${OPTARG}" in y) ALG='1';; n) ALG='0';; u) ALG='u';; *) ALG='u'; echo 'ERROR: -a valid options are y, n, or u'; exit 1;; esac;;
b) case "${OPTARG}" in y) ALG_LAN='1';; n) ALG_LAN='0';; u) ALG_LAN='u';; *) ALG_LAN='u'; echo 'ERROR: -b valid options are y, n, or u'; exit 1;; esac;;
c) case "${OPTARG}" in y) DLNAD='1';; n) DLNAD='0';; u) DLNAD='u';; *) DLNAD='u'; echo 'ERROR: -c valid options are y, n, or u'; exit 1;; esac;;
d) case "${OPTARG}" in g|G) DOMAIN='gateway';; l|L) DOMAIN='lan';; u) DOMAIN='u';; *) DOMAIN="${OPTARG}";; esac;;
e) case "${OPTARG}" in y) DECT='1';; n) DECT='0';; u) DECT='u';; *) DECT='u'; echo 'ERROR: -e valid options are y, n, or u'; exit 1;; esac;;
f) case "${OPTARG}" in y) SAMBA='1';; n) SAMBA='0';; u) SAMBA='u';; *) SAMBA='u'; echo 'ERROR: -f valid options are y, n, or u'; exit 1;; esac;;
g) case "${OPTARG}" in y) DUMAOS='1';; n) DUMAOS='0';; u) DUMAOS='u';; *) DUMAOS='u'; echo 'ERROR: -g valid options are y, n, or u'; exit 1;; esac;;
h) HOST=${OPTARG};;
k) case "${OPTARG}" in k) KEYS='y';; c) CWMP='y';; m) MONITORING='y';; a) AIR='y';; n) NTP='y';; s) SUPERVISION='BFD';; x) NOEXEC='y';; T) KEYS='y'; CWMP='y'; MONITORING='y'; AIR='y'; NTP='y'; SUPERVISION='BFD'; NOEXEC='y';; *) echo "ERROR: Unknown override option $OPTARG"; exit 1;; esac;;
m) case "${OPTARG}" in y) MULTIAP='1';; n) MULTIAP='0';; u) MULTIAP='u';; *) MULTIAP='u'; echo 'ERROR: -m valid options are y, n, or u'; exit 1;; esac;;
n) NS=${OPTARG};;
o) OPKG='y';;
p) case "${OPTARG}" in y) POWER='y';; n) POWER='n';; u) POWER='u';; d) POWER='d';; *) POWER='u'; echo 'ERROR: -p valid options are y, n, u or d'; exit 1;; esac;;
q) case "${OPTARG}" in y) NFC='1';; n) NFC='0';; u) NFC='u';; *) NFC='u'; echo 'ERROR: -q valid options are y, n, or u'; exit 1;; esac;;
r) case "${OPTARG}" in y) PRNTR='1';; n) PRNTR='0';; u) PRNTR='u';; *) PRNTR='u'; echo 'ERROR: -r valid options are y, n, or u'; exit 1;; esac;;
s) case "${OPTARG}" in d) SUPERVISION='BFD';; d) SUPERVISION='DNS';; n) SUPERVISION='Disabled';; u) SUPERVISION='u';; *) SUPERVISION='u'; echo 'ERROR: -s valid options are b, d, n, or u'; exit 1;; esac;;
t) case "${OPTARG}" in y) MMPBX='1';; n) MMPBX='0';; u) MMPBX='u';; *) MMPBX='u'; echo 'ERROR: -t valid options are y, n, or u'; exit 1;; esac;;
u) case "${OPTARG}" in y) UPNP='1';; n) UPNP='0';; u) UPNP='u';; *) UPNP='u'; echo 'ERROR: -u valid options are y, n, or u'; exit 1;; esac;;
w) case "${OPTARG}" in y) WPS='1';; n) WPS='0';; u) WPS='u';; *) WPS='u'; echo 'ERROR: -w valid options are y, n, or u'; exit 1;; esac;;
A) HOST='d'; DOMAIN='gateway'; ALG='0'; DLNAD='0'; SAMBA='0'; PRNTR='0'; UPNP='0'; WPS='0'; ROOT_PROTECT='1'; SUPERVISION='DNS';;
F) case "${OPTARG}" in y) ROOT_PROTECT='1';; n) ROOT_PROTECT='0';; u) ROOT_PROTECT='u';; *) ROOT_PROTECT='u'; echo 'ERROR: -F valid options are y, n, or u'; exit 1;; esac;;
G) GUEST='n';;
M) LITE='y'; ALG='0'; DECT='0'; DLNAD='0'; DUMAOS='0'; MMPBX='0'; MULTIAP='0'; NFC='0'; PRNTR='0'; SAMBA='0'; UPNP='0'; WPS='0'; ROOT_PROTECT='1';;
R) LITE='R'; HOST='mymodem'; DOMAIN='modem'; NS='a'; ALG='1'; DLNAD='1'; DUMAOS='0'; SAMBA='1'; MULTIAP='1'; POWER='d'; PRNTR='1'; MMPBX='1'; DECT='1'; UPNP='1'; ROOT_PROTECT='0'; NFC='y'; SUPERVISION='BFD';;
S) HOST='s'; DOMAIN='gateway'; ALG='0'; DLNAD='0'; SAMBA='0'; PRNTR='0'; UPNP='0'; WPS='0'; ROOT_PROTECT='1'; SUPERVISION='DNS';;
U) upgrade;;
?) usage;;
esac
done

status2text() {
if [ "$1" = "0" ]; then
echo Disabled
else
echo Enabled
fi
}

echo [$SCRIPT]: Applying default hardening rules...

if [ "$(uci -q get cwmpd.cwmpd_config.state)" -eq "1" -o -e /etc/init.d/cwmpd ]; then
Expand Down
34 changes: 21 additions & 13 deletions utilities/reset-to-factory-defaults-with-root
View file
Original file line number Diff line number Diff line change
Expand Up @@ -63,22 +63,28 @@ upgrade() {
exit
}

ACTIVE="$(cat /proc/banktable/active)"
BOOTED="$(cat /proc/banktable/booted)"
BKUP=""
CWMP=""
FIRMWARE=""
IPADDR=""
KEYS=""
NOEXEC=""
ROOTPWD="root"
REBOOT="Y"
VERBOSE=N
YES=N
set_defaults() {
BKUP=""
CWMP=""
FIRMWARE=""
IPADDR=""
KEYS=""
NOEXEC=""
ROOTPWD="root"
REBOOT="Y"
VERBOSE=N
YES=N
}

while getopts :bcef:iI:knp:vyU option
set_defaults
if [ -f .defaults.reset-to-factory-defaults-with-root ]; then
. ./.defaults.reset-to-factory-defaults-with-root
fi

while getopts :bcef:iI:knp:vyU-: option
do
case "${option}" in
-) case "${OPTARG}" in no-defaults) set_defaults;; *) usage;; esac;;
b) BKUP="Y";;
c) CWMP="Y";;
e) NOEXEC="Y";;
Expand All @@ -101,6 +107,8 @@ do
esac
done

ACTIVE="$(cat /proc/banktable/active)"
BOOTED="$(cat /proc/banktable/booted)"
MOUNT_PATH=$(uci get mountd.mountd.path)
USB="$(ls $MOUNT_PATH | head -n1)"

Expand Down

0 comments on commit 01e7468

Please sign in to comment.