#!/bin/sh
# rebuild-hosts.allow.sh
# Rebuild /etc/hosts.allow From Standard And User-Requested Entries
# Part Of The 'tperimeter' Package
#
# Copyright (c) 2006 TundraWare Inc., Des Plaines, IL USA
# All Rights Reserved

RCSID='$Id: rebuild-hosts.allow.sh,v 1.104 2006/05/03 06:39:56 tundra Exp $'

BASE="/usr/local/etc/tperimeter"
EPILOGUE=${BASE}/epilogue
PROLOGUE=${BASE}/prologue
STDALLOW=${BASE}/allow
STDDENY=${BASE}/deny
USERREQUESTS="/www/cgi-bin/tperimeter/requests"

#####
# Function To Scan A Directory Structure To Build
# "Allow" Entries In Proper /etc/hosts.allow Format
#####

BuildEntries()
{
  if [ -d $1 ]          # Only attempt this if the allow/deny directory exists
  then
    cd $1
    for x in *
      do
        if [ $x != '*' ]  # Only if there are services specified therein
        then
          cd $x
          list=""
          for y in *
          do
            if [ $y != '*' ]    # Only create list if actual addresses are present
            then
              list=${list}${y}" "
            fi
          done
          if [ "$list" ]       # Output complete rule for all non-empty address lists
          then
            echo "$x: $list :$2"
          fi
          cd ..
        fi
      done
  fi
}

# End Of 'BuildEntries()'


#####
# Rebuild /etc/hosts-allow
#####

# Timestamp it

echo "# Built By:  ${RCSID}"
echo "# Built On:  `date`"
echo ""

# First, the standard prologue

cat ${PROLOGUE}


# Add any user-requested temporary additions

echo "# Access Requested Via The 'tperimeter' Interface"
echo ""

BuildEntries ${USERREQUESTS} "ALLOW"


# Delete the user requests

rm -rf ${USERREQUESTS}


# Now include the standard set of access definitions

echo ""
echo "# Standard 'Deny' Entries"
echo ""

BuildEntries ${STDDENY}  "DENY"

echo ""
echo "# Standard 'Allow' Entries"
echo ""

BuildEntries ${STDALLOW} "ALLOW"
echo ""
echo ""

# Finally, add the epilogue

cat ${EPILOGUE}