#!/bin/bash
#
# Copyright (c) 2022-2023 Oracle and/or its affiliates. All rights reserved.
# Licensed under the GNU General Public License Version 3 as shown at https://www.gnu.org/licenses/gpl-3.0.txt.

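# Allowlists of what this tool is willing to open in firewalld. Entries are
# separated by spaces; a request is accepted only if it equals one entry
# exactly.
port_whitelist="53/tcp 53/udp 443/tcp 6379/tcp 8080/tcp 8090/tcp 10250/tcp 10255/tcp 8472/udp 6443/tcp 2379/tcp 2380/tcp 2381/tcp 10249/tcp 10251/tcp 10252/tcp 7946/tcp 7946/udp 10256/tcp 9100/tcp 10257/tcp 10259/tcp"
protocol_whitelist="vrrp"

#######################################
# Report whether a requested value is exactly one entry of an allowlist.
# Arguments: $1 - requested value (for example "443/tcp" or "vrrp")
#            $2 - allowlist as a space-separated string
# Returns:   0 if $1 equals an entry byte for byte, 1 otherwise
#######################################
is_whitelisted() {
  local requested=$1
  local entry
  local -a entries
  read -r -a entries <<< "$2"
  for entry in "${entries[@]}"; do
    # The quoted right-hand side makes this a literal string comparison, so
    # caller-supplied text is never interpreted as a glob or a regex.
    if [[ "$entry" == "$requested" ]]; then
      return 0
    fi
  done
  return 1
}

# Usage: <script> PORT PROTO   -> opens PORT/PROTO in the public zone
#        <script> PROTOCOL     -> enables PROTOCOL in the public zone
#
# If firewalld does not report a running state, nothing is validated or
# changed and the script falls through with exit status 0.
#
# NOTE(review): if this script is exposed through sudo or a similar privilege
# boundary, the allowlist check below is the only constraint on the
# caller-supplied arguments - confirm how it is invoked.
firewall-cmd --state > /dev/null 2>&1
return_code=$?
if [ "${return_code}" -eq 0 ]; then
  add="--add-port=$1/$2"
  if [ -z "$2" ]; then
    add="--add-protocol=$1"
    # Exact membership test. The previous `grep -w "$1"` treated the argument
    # as a regular expression (and as a grep option when it began with '-'),
    # so values that are not on the list could still pass the check.
    if ! is_whitelisted "$1" "$protocol_whitelist"; then
      printf '%s\n' "$1 protocol is not permitted by this tool"
      exit 1
    fi
  else
    if ! is_whitelisted "$1/$2" "$port_whitelist"; then
      printf '%s\n' "$1/$2 port is not permitted by this tool"
      exit 1
    fi
  fi

  # Apply to the runtime configuration first, then persist the same rule.
  # The script's exit status is that of the --permanent call.
  firewall-cmd --zone=public "$add"
  firewall-cmd --zone=public "$add" --permanent
fi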
