#!/bin/bash

# File path
CSF_CONF="/etc/csf/csf.conf"

# Ports you want to remove
REMOVE_PORTS=("2077" "2078" "2079" "2080" "2082" "2083" "2086" "2087" "2095" "2096")

# Create backup
BACKUP_FILE="${CSF_CONF}.bak_$(date +%F_%H-%M-%S)"
cp "$CSF_CONF" "$BACKUP_FILE"

echo "Backup created: $BACKUP_FILE"

# Get TCP_IN line
TCP_LINE=$(grep "^TCP_IN" "$CSF_CONF")

# Extract ports
PORTS=$(echo "$TCP_LINE" | sed -E 's/^TCP_IN = "(.*)"/\1/')

# Convert to array
IFS=',' read -ra PORT_ARRAY <<< "$PORTS"

# Remove unwanted ports
NEW_PORTS=()
for port in "${PORT_ARRAY[@]}"; do
    skip=false
    for rport in "${REMOVE_PORTS[@]}"; do
        if [[ "$port" == "$rport" ]]; then
            skip=true
            break
        fi
    done
    if ! $skip; then
        NEW_PORTS+=("$port")
    fi
done

# Join back
NEW_PORTS_STRING=$(IFS=,; echo "${NEW_PORTS[*]}")

# Replace in file
sed -i -E "s/^TCP_IN = \".*\"/TCP_IN = \"$NEW_PORTS_STRING\"/" "$CSF_CONF"

echo "Updated TCP_IN: $NEW_PORTS_STRING"

# Restart CSF
csf -x && csf -e

echo "CSF restarted successfully."