59 lines
1.4 KiB
Bash
59 lines
1.4 KiB
Bash
|
#!/bin/sh
|
||
|
#
|
||
|
# Script to setup drone pairing
|
||
|
#
|
||
|
|
||
|
# Getting Iphone's MAC address from config.ini file.
|
||
|
NULL_MAC=00:00:00:00:00:00
|
||
|
if [ $# -eq 0 ]
|
||
|
then
|
||
|
if [ -s /data/config.ini ]
|
||
|
then
|
||
|
MAC_ADDR=`grep owner_mac /data/config.ini | awk -F "=" '{print $2}'`
|
||
|
else
|
||
|
MAC_ADDR=$NULL_MAC
|
||
|
fi
|
||
|
else
|
||
|
MAC_ADDR=$1
|
||
|
fi
|
||
|
|
||
|
echo "Owner's MAC address is: $MAC_ADDR"
|
||
|
|
||
|
# [Stephane] Exits if owner MAC address is already being filtered
|
||
|
# (changing iptables rules too often may crash the drone for a undetermined reason)
|
||
|
CURRENTLY_ALLOWED_MAC_ADDR=`iptables -L | grep MAC | awk -F " " '{print $7}'`
|
||
|
if [ "$CURRENTLY_ALLOWED_MAC_ADDR" = "$MAC_ADDR" ]
|
||
|
then
|
||
|
echo "Drone is already paired with $MAC_ADDR"
|
||
|
exit
|
||
|
fi
|
||
|
|
||
|
if [ $MAC_ADDR != $NULL_MAC ]
|
||
|
then
|
||
|
echo "Setting pairing for: $MAC_ADDR"
|
||
|
# Clearing all rules
|
||
|
iptables -P INPUT ACCEPT
|
||
|
iptables -F
|
||
|
# Allowing only owner's traffic
|
||
|
iptables -A INPUT -m mac --mac-source $MAC_ADDR -j ACCEPT
|
||
|
# allowing ICMP (ping), ftp, nfs and telnet traffic for everyone.
|
||
|
iptables -A INPUT --protocol icmp -j ACCEPT
|
||
|
#iptables -A INPUT --protocol tcp --dport 23 -j ACCEPT
|
||
|
iptables -A INPUT --protocol tcp --dport 21 -j ACCEPT
|
||
|
iptables -A INPUT --protocol tcp --dport 2049 -j ACCEPT
|
||
|
# Blocking all incoming traffic by default
|
||
|
iptables -P INPUT DROP
|
||
|
else
|
||
|
echo "Clearing pairing rule"
|
||
|
# Switching rad LED on
|
||
|
gpio 63 -d ho 1
|
||
|
|
||
|
# Clearing all rules
|
||
|
iptables -F
|
||
|
# Allows incoming connections from anywhere outside
|
||
|
iptables -P INPUT ACCEPT
|
||
|
|
||
|
# Switching rad LED off
|
||
|
gpio 63 -d ho 0
|
||
|
fi
|