One Hat Cyber Team

Your IP : 216.73.216.139

Server IP : 23.137.84.82

Server : Linux srv25.usacloudserver.us 5.14.0-570.39.1.el9_6.x86_64 #1 SMP PREEMPT_DYNAMIC Thu Sep 4 05:08:52 EDT 2025 x86_64

Server Software : LiteSpeed

PHP Version : 8.1.33

Buat File | Buat Folder

Dir : ~/proc/thread-self/root/opt/cpguard/app/scripts/

Edit File: reset_iptables.sh

#!/bin/bash
#
# Selective CPGuard Firewall Reset Script
# Removes only CPGuard-related chains and sets without affecting other firewall rules
#

set -e

echo "Starting selective CPGuard firewall cleanup..."

# Function to check if command exists
command_exists() {
    command -v "$1" >/dev/null 2>&1
}

# Function to safely remove jump rules
remove_jump_rules() {
    local ipt="$1"
    local base_chain="$2"
    local target_chain="$3"

# Check if base chain exists
    if ! $ipt -L "$base_chain" -n >/dev/null 2>&1; then
        return
    fi

# Find and remove all jump rules to target chain
    while $ipt -C "$base_chain" -j "$target_chain" 2>/dev/null; do
        echo "  Removing jump from $base_chain to $target_chain"
        $ipt -D "$base_chain" -j "$target_chain" 2>/dev/null || true
    done
}

# Function to flush and delete cpg_ chains
cleanup_chains() {
    local ipt="$1"
    local ipt_name="$2"

echo "Processing $ipt_name chains..."

# Get list of all chains
    local chains=$($ipt -L -n 2>/dev/null | grep "^Chain cpg" | awk '{print $2}' || true)

if [ -z "$chains" ]; then
        echo "  No cpg_ chains found in $ipt_name"
        return
    fi

# First, remove all references (jump rules) to cpg_ chains from base chains
    for chain in $chains; do
        echo "  Removing references to chain: $chain"
        remove_jump_rules "$ipt" "INPUT" "$chain"
        remove_jump_rules "$ipt" "OUTPUT" "$chain"
        remove_jump_rules "$ipt" "FORWARD" "$chain"

# Also check custom chains that might reference cpg_ chains
        local all_chains=$($ipt -L -n 2>/dev/null | grep "^Chain" | awk '{print $2}' | grep -v "^cpg" || true)
        for parent_chain in $all_chains; do
            # Remove any rules that jump to cpg_ chains
            while $ipt -L "$parent_chain" -n --line-numbers 2>/dev/null | grep -q "cpg"; do
                local line_num=$($ipt -L "$parent_chain" -n --line-numbers 2>/dev/null | grep "cpg" | head -1 | awk '{print $1}')
                if [ -n "$line_num" ]; then
                    echo "    Removing rule $line_num from $parent_chain"
                    $ipt -D "$parent_chain" "$line_num" 2>/dev/null || true
                else
                    break
                fi
            done
        done
    done

# Now flush and delete the chains
    for chain in $chains; do
        echo "  Flushing chain: $chain"
        $ipt -F "$chain" 2>/dev/null || true

echo "  Deleting chain: $chain"
        $ipt -X "$chain" 2>/dev/null || true
    done

echo "  Completed $ipt_name chain cleanup"
}

# Function to destroy c_ prefixed ipsets
cleanup_ipsets() {
    if ! command_exists ipset; then
        echo "ipset not found, skipping ipset cleanup"
        return
    fi

echo "Processing ipsets..."

# Get list of all sets with c_ prefix
    local sets=$(ipset list -name 2>/dev/null | grep "^c_" || true)

if [ -z "$sets" ]; then
        echo "  No c_ ipsets found"
        return
    fi

# Destroy each set
    for set in $sets; do
        echo "  Destroying ipset: $set"
        ipset destroy "$set" 2>/dev/null || true
    done

echo "  Completed ipset cleanup"
}

# Main cleanup process

# Clean up IPv4 iptables only
if command_exists iptables; then
    cleanup_chains "iptables" "iptables"
else
    echo "iptables not found, cannot proceed"
    exit 1
fi

# Clean up ipsets
cleanup_ipsets

echo ""
echo "Selective CPGuard firewall cleanup completed successfully!"
echo ""
echo "Summary:"
echo "  - Removed all IPv4 chains starting with 'cpg_'"
echo "  - Removed all ipsets starting with 'c_'"
echo "  - IPv6 and other firewall rules remain intact"