code.fastix.org

Dateiansicht:

Datei:Projekte -> Apache,mod_evasive,iptables:Helfer-Skripte zum (zeitweisen) Blockieren von IP-Adressen -> fwblock4time
md5:bed02a48fa27e1cb4ed28d007242e808
sha1:4a2ce3491a99e0668623a9d56fde2d710ba2d063
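#!/usr/bin/sudo /bin/bash
# The shebang re-executes this script through sudo, so every run is subject
# to the sudoers policy of the calling user.

## safety instructions:   ##
##   chown root:root      ##
##   chmod 0755           ##
#
# The sudoers row below lets www-data run this file as root without a
# password, so the file must never be writable by anyone except root.

## fwblock4time
# need root-rights, see below
# need at ( e.g. apt install at)
# need sudo (e.g. apt install sudo)
# need iptables
# need fwblock
# need fwunblock

## Using with mod_evasive:
# copy this script to "/usr/sbin/fwblock4time"
# do chown root:root /usr/sbin/fwblock4time
# do chmod 700 /usr/sbin/fwblock4time
# install sudo
# use sudo visudo to insert a row "www-data  ALL=NOPASSWD: /usr/sbin/fwblock4time" into /etc/sudoers
# set 'DOSSystemCommand    "sudo /usr/sbin/fwblock4time %s 10"' (to block the ip for 10 minutes) in /etc/apache2/mods-available/evasive.conf

## Args:
# First:  String, the IP: dotted IPv4, optionally with a /prefix.
#         (If unset or not a valid address the script exits with error 1.)
# Second: Integer, minutes until the IP is unblocked.
#         (If unset or 0 the default is 1 minute.)
# Hint: see `man at` for time formats
# Hint: see /etc/apache2/mods-available/evasive.conf for the time (DOSBlockingPeriod)
#
# Both arguments arrive from the web server account through sudo and end up
# in a firewall call and in a job that runs as root, so they are treated as
# untrusted: they are filtered first and then checked for their shape.

## Exit status:
# 0 if the IP was blocked and the unblock job was queued, 1 for a missing or
# invalid IP, otherwise the failing status of fwblock or at.

## Settings:

fwblock='/usr/sbin/fwblock'
fwunblock='/usr/sbin/fwunblock'
# Directory of mod_evasive's dos-<ip> files; must match DOSLogDir in
# /etc/apache2/mods-available/evasive.conf. The value is the directory the
# cleanup job has always used. Prefer a directory only root and the web
# server can write to over a world-writable one such as /tmp.
DOSLogDir='/var/log/apache2'

## RUN!

# Warning only (despite the wording): the script goes on, because leaving
# the address unblocked would be the worse outcome. Without a running atd
# the unblock job may not run on time.
if [ ! -f /var/run/atd.pid ]; then
  echo "Fatal: The at-demon is not running!"  >&2
fi

if [ -z "${1}" ]; then
  echo "No IP given. This is a Error." >&2
  exit 1
fi

# printf instead of `echo -n`: echo would swallow an argument such as "-n"
# or "-e" as one of its own options.
ip=$(printf '%s' "${1}" | tr -cd '0123456789./')
bt=$(printf '%s' "${2:-}" | tr -cd '0123456789')

# Filtering alone is not enough: what is left can be empty or something like
# "../..", and it is used as a firewall argument and inside the path of the
# `rm` that runs as root. Accept only a.b.c.d with an optional /prefix.
ipv4_re='^([0-9]{1,3})\.([0-9]{1,3})\.([0-9]{1,3})\.([0-9]{1,3})(/([0-9]{1,2}))?$'
if [[ ! "${ip}" =~ ${ipv4_re} ]]; then
  echo "Invalid IP '${ip}'. This is a Error." >&2
  exit 1
fi
octets=("${BASH_REMATCH[@]:1:4}")
prefix=${BASH_REMATCH[6]:-}
for octet in "${octets[@]}"; do
  # 10# forces base 10, so "08" or "09" is not read as broken octal.
  if (( 10#${octet} > 255 )); then
    echo "Invalid IP '${ip}'. This is a Error." >&2
    exit 1
  fi
done
if [ -n "${prefix}" ] && (( 10#${prefix} > 32 )); then
  echo "Invalid IP '${ip}'. This is a Error." >&2
  exit 1
fi

# Drop leading zeros without shell arithmetic, so neither octal-looking
# input nor a very long digit string can raise an arithmetic error.
minutes=${bt#"${bt%%[!0]*}"}
if [ -z "${minutes}" ]; then
  minutes=1
fi
bt="now +${minutes}minutes"

printf '%s\n' "IP ${ip} will blocked temporary. Block end in '${bt}'" | logger -t 'fwblock4time'

if "${fwblock}" "${ip}"; then
  # ${ip} holds only digits, dots and at most one slash (checked above), so
  # it can neither leave the single quotes nor contain a ".." component.
  cmd="${fwunblock} '${ip}'; rm '${DOSLogDir}/dos-${ip}'"
  printf '%s\n' "${cmd}" | at now "+${minutes}minutes" >/dev/null 2>&1
  ret=$?
  if [ "${ret}" -ne 0 ]; then
    # The address is blocked but nothing will unblock it: report it on
    # stderr and leave with the status of at.
    printf 'Sorry. Error %s by putting the job to the atd. You have to delete the IP %s manually.\nUse %s to do that.\n' "${ret}" "${ip}" "${cmd}" >&2
    exit "${ret}"
  fi
else
  ret=$?
  echo "Sorry. calling '${fwblock}' exits with error ${ret}" >&2
  exit "${ret}"
fi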