2013/07/10

Linux bash shell options parsing


Normally, command line parameters come in as separate, positional values, and may be referenced as:
  • $# - the number of command line arguments (positional parameters)
  • $* - all positional parameters expressed as a single string
  • $@ - all positional parameters, each kept intact and presented as a separate quoted string
  • $0 - (the base name of the script itself)
  • $1 - The first positional parameter
  • $2 - The second positional parameter, and $3, $4, etc.  Starting with 10, they must be expressed as ${10}, ${11}, etc.
Sometimes a variable is passed from a wrapper script to a child script where the positional parameter is in fact several parameters that should be parsed separately.

Here, we test for that case, and if found, we peel off the first parameter within that group of strings, and assign the remaining parameters in the group of strings to the options for the child command:

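# Peel the first parameter off the front, and make the rest of the data be the options passed to rsync.
if [ $# -eq 1 ]; then
   # Split $1 on whitespace into an array; unlike an unquoted $1,
   # read -a does not glob-expand words such as *.tmp
   read -r -a Params <<< "$1"
   PARAM_1=${Params[0]}
   # Quoted so the shell cannot treat Params[0] as a filename pattern
   unset 'Params[0]'
   # Remaining words, joined back into one space-separated string
   ChildCommandOpts=${Params[*]}
fi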
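
The same split, written so that the options reach the child command as separate words and a wildcard inside them is not expanded against the current directory. This is an added example, not code from the original post: split_and_run, show_args and LAST_FIRST_PARAM are hypothetical names, show_args stands in for the child command (rsync in the post), and the sample parameter string is constructed.

```bash
#!/bin/bash
# Added example. split_and_run, show_args and LAST_FIRST_PARAM are
# hypothetical names; show_args stands in for the real child command.

# Print one argument per line so the word boundaries are visible.
show_args() {
    printf '[%s]\n' "$@"
}

# Usage: split_and_run CHILD ARGS...
# If ARGS is a single packed string, split it on whitespace with pathname
# expansion switched off, so a word such as --exclude=*.tmp stays literal.
# The first word is stored in LAST_FIRST_PARAM; the remaining words are
# handed to CHILD as separate arguments. Returns 2 if nothing is left
# to use as the first parameter.
split_and_run() {
    child=$1
    shift
    if [ $# -eq 1 ]; then
        # Remember whether globbing was already disabled by the caller.
        case $- in
            *f*) restore_glob=no ;;
            *)   restore_glob=yes ;;
        esac
        set -f          # no globbing while the unquoted $1 is split
        set -- $1       # deliberate word splitting on IFS
        if [ "$restore_glob" = yes ]; then
            set +f
        fi
    fi
    [ $# -ge 1 ] || return 2
    LAST_FIRST_PARAM=$1
    shift
    "$child" "$@"
}

# Constructed sample input: one packed parameter from a wrapper script.
split_and_run show_args 'backup01 -a --delete --exclude=*.tmp /srv/data/'
```

Parameters that already arrive as separate words are passed through unchanged, so an argument containing spaces survives intact in that case.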


2013/07/02

Manipulate Windows firewall from CLI

The Windows firewall UI is a bit cumbersome.  This method lets you reliably set up a host to be secure, allowing only the inbound traffic that you want.

Enable firewall in all profiles (home / domain / public)
netsh advfirewall set allprofiles state on

By default, deny all inbound and allow all outbound traffic
netsh advfirewall set allprofiles firewallpolicy blockinbound,allowoutbound

Add rule to allow SMTP traffic inbound to a specific port from a specific network range
netsh advfirewall firewall add rule name="Allow Inbound TCP/25 from SMTP relay hosts" protocol=TCP dir=in localport=25 action=allow remoteip=10.20.30.0/24


Add rule to allow all HTTP and HTTPS traffic inbound
netsh advfirewall firewall add rule name="Allow Inbound TCP/80 from everywhere" protocol=TCP dir=in localport=80 action=allow