Changes between Initial Version and Version 1 of IpDrop


Ignore:
Timestamp:
Dec 22, 2015, 12:57:47 PM (3 years ago)
Author:
chris
Comment:

--

Legend:

Unmodified
Added
Removed
Modified
  • IpDrop

    v1 v1  
     1Script in `/usr/local/bin` on [[Crin2]] to drop abusive IP addresses:
     2
     3== ipdrop ==
     4
     5{{{
     6#!bash
     7#!/usr/bin/env bash
     8
     9# location of the logchange script, we assume it has been
     10# installed int he same directory as this script is in
     11#DIR="/usr/local/bin"
     12DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )"
     13LOGCHANGE="$DIR/logchange"
     14
     15# check that the script is being run by root
     16if [[ "$(id -u)" != "0" ]] ; then
     17  echo "You must run '$0' as root or via sudo"
     18  exit 1
     19fi
     20
     21# check that the logchange script is installed
     22if [[ ! -f "${LOGCHANGE}" ]] ; then
     23  echo "You need to install the '${LOGCHANGE}' script before you can run $0"
     24  exit 2
     25fi
     26
     27# check for a IP address on standard input
     28if [[ $1 ]]; then
     29  IP="$1"
     30elif [[ ! "$1" ]]; then
     31  echo "Type IP address you would like dropped and then [ENTER]:"
     32  read ip
     33  IP=${ip}
     34fi
     35
     36# drop the ip address
     37iptables -I INPUT -s $IP -j DROP
     38# save the changes
     39bash -c "iptables-save > /etc/network/iptables.save"
     40# record the changes
     41logchange "$IP : dropped"
     42
     43exit 0
     44}}}