#!/bin/sh

IFACE=eth1
if [ -n "$1" ]; then
  IFACE=$1
fi
IP=`/sbin/ifconfig $IFACE | grep "inet addr:" | cut -d: -f2 | cut '-d ' -f1`
if [ -z "$IP" ]; then
  echo ERROR: Unknown interface $IFACE
  echo Usage: $0 interface
fi

for port in `netstat -an --inet | grep LIST | cut -d: -f2 | cut '-d ' -f1|sort -u -n`; do
	echo -n "TCP $port "
	/sbin/ipfwadm -I -c -P tcp -V $IP -W $IFACE -S 1.2.3.4 1234 -D $IP $port | sed -e 's/packet accepted/WARNING ACCEPTED!/' -e 's/packet rejected/OK rejected/' -e 's/packet denyed/OK dropped/'
done
for port in `netstat -an --inet | grep "^udp" | cut -d: -f2 | cut '-d ' -f1|sort -u -n`; do
	echo -n "UDP $port "
	/sbin/ipfwadm -I -c -P udp -V $IP -W $IFACE -S 1.2.3.4 1234 -D $IP $port | sed -e 's/packet accepted/WARNING ACCEPTED!/' -e 's/packet rejected/OK rejected/' -e 's/packet denyed/OK dropped/'
done