code.fastix.org

Dateiansicht:

Datei:Projekte -> Apache,mod_evasive,iptables:Helfer-Skripte zum (zeitweisen) Blockieren von IP-Adressen -> fwblock4time
md5:b9e36bf0cddc29701e49843de63005a2
sha1:cc17a2eb4fc6743efed5044f822326acb3c6235d
Download-Link:Download
  1. #!/usr/bin/sudo /bin/bash
  2.  
  3. ## safety instructions:   ##
  4. ##   chown root:root      ##
  5. ##   chmod 0755           ##
  6. #
  7.  
  8. ## fwblock4time
  9. # need root-rights, see below
  10. # need at ( e.g. apt install at)
  11. # need sudo (e.g. apt install sudo)
  12. # need iptables
  13. # need fwblock
  14. # need fwunblock
  15.  
  16. ## Using with mod_evasive:
  17. # copy this script to "/opt/fastix/fwblock4time"
  18. # do: "chown root:root /opt/fastix/fwblock4time"
  19. # do: "chmod 700 /opt/fastix/fwblock4time"
  20. # do: ln -s /opt/fastix/fwblock4time /usr/local/sbin/fwblock4time
  21. # install sudo and/or at
  22. # use "sudo visudo" to insert a row "www-data  ALL=NOPASSWD: /usr/local/sbin/fwblock4time" into /etc/sudoers
  23. # set 'DOSSystemCommand    "sudo /usr/local/sbin/fwblock4time %s 10"' (to block the ip for 10 minutes) in /etc/apache2/mods-available/evasive.conf
  24.  
  25. ## Args:
  26. # First:  String, The IP   (If unset the skript will exit with error 1)
  27. # Second: Integer minutes to unblock (If unset the default is 1 minute.
  28. # Hint: show `man at` for formates)
  29. # Hint: show /etc/apache2/mods-available/evasive.conf for the time (DOSBlockingPeriod)
  30.  
  31. ## Settings:
  32.  
  33. fwblock='/usr/local/sbin/fwblock';
  34. fwunblock='/usr/local/sbin/fwunblock';
  35. DOSLogDir='/tmp'; # show in /etc/apache2/mods-available/evasive.conf
  36.  
  37. ## RUN!
  38.  
  39. if [ ! -f  /var/run/atd.pid ]; then
  40.         echo "Fatal: The at-demon is not running!"  >&2;
  41. fi
  42.  
  43. if [ -z "${1}" ]; then
  44.         echo "No IP given. This is a Error." >&2;
  45.         exit 1;
  46. fi
  47.  
  48. ip=$(echo -n "${1}" | tr -cd '0123456789./');
  49. bt=$(echo -n "${2}" | tr -cd '0123456789');
  50.  
  51. if [ 0 -eq $(($bt)) ]; then
  52.         bt='now +1minutes';
  53. else
  54.         bt="now +${bt}minutes";
  55. fi
  56.  
  57. echo "IP ${ip} will blocked temporary. Block end in '${bt}'" | logger -t 'fwblock4time';
  58.  
  59. if ${fwblock} ${ip}; then
  60.     cmd="${fwunblock} '${ip}'; rm '/var/log/apache2/dos-${ip}'";
  61.     ret=$(echo ${cmd} | at ${bt} 1>/dev/null 2>/dev/null; echo $?);
  62.     if [ 0 -ne ${ret} ]; then
  63.                 echo -en "Sorry. Error ${ret} by putting the job to the atd. You have to delete the IP ${ip} manually.\nUse ${cmd} to do that.\n";
  64.         fi
  65. else
  66.         echo "Sorry. calling '${fwblock}' exits with error ${?}";
  67. fi
  68.