Created firewallcmd-multiport

config/action.d/firewallcmd-multiport.conf

@@ -17,9 +17,10 @@ actionstop = firewall-cmd --direct --remove-rule ipv4 filter <chain> 0 -m state
              firewall-cmd --direct --remove-rules ipv4 filter f2b-<name>
              firewall-cmd --direct --remove-chain ipv4 filter f2b-<name>
 
-# Note:  uses regular expression word boundaries '\b' 
+# Note:  uses regular expression whitespaces '\s' & end of line '$'
-# Example actioncheck: firewall-cmd --direct --get-chains ipv4 filter | grep -q '\bf2b-apache-modsecurity\b'
+# Example actioncheck: firewall-cmd --direct --get-chains ipv4 filter | grep -q '\sf2b-apache-modsecurity$'
-actioncheck = firewall-cmd --direct --get-chains ipv4 filter | grep -q '\bf2b-<name>\b'
+
+actioncheck = firewall-cmd --direct --get-chains ipv4 filter | grep -q '\sf2b-<name>$'
 
 actionban = firewall-cmd --direct --add-rule ipv4 filter f2b-<name> 0 -s <ip> -j <blocktype>
 
@@ -32,8 +33,10 @@ name = default
 
 chain = INPUT_direct
 
+# Could also use port numbers separated by a comma. 
 port = 1:65535
 
+
 # Option:  protocol
 # Values:  [ tcp | udp | icmp | all ]
 
@@ -56,6 +59,6 @@ protocol = tcp
 # $ sudo firewall-cmd --direct --add-rule ipv4 filter INPUT_direct 0 -m state --state NEW -p tcp -m multiport --dports 80,443 -j f2b-apache-modsecurity
 # success
 # actioncheck:
-# $ firewall-cmd --direct --get-chains ipv4 filter f2b-apache-modsecurity | grep -q '\bf2b-apache-modsecurity\b'
+# $ firewall-cmd --direct --get-chains ipv4 filter f2b-apache-modsecurity | grep -q '\sf2b-apache-modsecurity$'
 # f2b-apache-modsecurity