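#!/bin/bash
# Reset firewalld to a single custom default zone ("deterrers-zone") whose
# target is REJECT.
#
# This script should be run with sudo permissions!
#
# NOTE(review): all files under /etc/firewalld/zones are deleted, and this
# script adds no services or ports to the new default zone. With target
# REJECT, inbound traffic that no rule allows is rejected. That presumably
# includes new SSH sessions, so run it from a console or be ready to add the
# required services to deterrers-zone afterwards.

# check if firewall program is installed
# (command -v prints the resolved path and fails when the command is missing)
if command -v firewall-cmd
then
    echo "firewall-cmd is installed."
else
    echo "firewall-cmd command was not found on system! Please make sure to install it first." >&2
    # a missing prerequisite is an error, so report it to the caller
    exit 1
fi

# get consent to delete all present configurations
echo "This script will overwrite all custom configurations to firewall-cmd you might have done in the past! Do you want to proceed? [y/n]"
answer=""
read -r answer
# Quote the expansion: unquoted, an empty or multi-word answer made the test
# itself fail, so the exit below was skipped and the reset went ahead without
# consent. Anything other than exactly "y" now aborts.
if [ "${answer}" != "y" ]
then
    exit 0
fi

# make sure the firewalld service is running and will be activated at system start
systemctl enable firewalld
systemctl start firewalld

# fw configurations are saved in /etc/firewalld/zones; delete all files in the
# directory and do a complete reset (the glob is expanded by the root shell)
su - root -c "rm -rf /etc/firewalld/zones/*"
firewall-cmd --complete-reload

# create custom zone
firewall-cmd --permanent --new-zone=deterrers-zone
# make custom zone available in runtime configuration
firewall-cmd --reload
# set the target of custom zone to REJECT in order to make it default behaviour
firewall-cmd --permanent --zone=deterrers-zone --set-target=REJECT
# make custom zone default
firewall-cmd --set-default-zone=deterrers-zone

# make changes permanent
firewall-cmd --runtime-to-permanent
firewall-cmd --reload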