wiki:IpDrop

Version 1 (modified by chris, 3 years ago) (diff)

--

Script in /usr/local/bin on Crin2 to drop abusive IP addresses:

ipdrop

#!/usr/bin/env bash

# location of the logchange script, we assume it has been 
# installed int he same directory as this script is in
#DIR="/usr/local/bin"
DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )"
LOGCHANGE="$DIR/logchange"

# check that the script is being run by root
if [[ "$(id -u)" != "0" ]] ; then
  echo "You must run '$0' as root or via sudo" 
  exit 1
fi

# check that the logchange script is installed
if [[ ! -f "${LOGCHANGE}" ]] ; then
  echo "You need to install the '${LOGCHANGE}' script before you can run $0"
  exit 2
fi

# check for a IP address on standard input
if [[ $1 ]]; then
  IP="$1"
elif [[ ! "$1" ]]; then
  echo "Type IP address you would like dropped and then [ENTER]:"
  read ip
  IP=${ip}
fi

# drop the ip address
iptables -I INPUT -s $IP -j DROP
# save the changes
bash -c "iptables-save > /etc/network/iptables.save"
# record the changes
logchange "$IP : dropped"

exit 0