
@leowebguy
Forked from Aikhjarto/block_badips.sh
Created May 30, 2017 18:13

Revisions

  1. @Aikhjarto Aikhjarto revised this gist Jun 2, 2014. 1 changed file with 8 additions and 5 deletions.
    13 changes: 8 additions & 5 deletions block_badips.sh
    @@ -9,6 +9,8 @@
    # Please also use fail2ban with the badips modification and help to maintain the list of attackers.
    # See also: fail2ban and http:///www.badips.com

    IPTABLES_BIN=/usr/sbin/iptables
    IPTABLES_SAVE_BIN=/usr/sbin/iptables-save

    LOGGER_OPTS="-t add_badips"

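Review bot: the two new `IPTABLES_BIN`/`IPTABLES_SAVE_BIN` variables only cover iptables; under cron's minimal PATH the script still depends on PATH for `curl`, `logger`, `mktemp`, `wc`, `awk`, `grep` and `sed`, so either set `PATH=/usr/sbin:/usr/bin:/sbin:/bin` once at the top and drop the per-binary variables, or make the remaining binaries absolute as well. While touching this header, the `http:///www.badips.com` in the `# See also` context line has three slashes.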
    @@ -21,28 +23,29 @@ FILE=`mktemp`
    # curl or wget can be used to download. Uncomment line which one should be used
    curl -s $URL > $FILE
    #wget -q -O $FILE $URL
    if [ $? -ne 0 ]; then
    if [ $? -ne 0 ]; then
    logger $LOGGER_OPTS -s "ERROR: download of $URL failed"
    exit 1
    else
    logger $LOGGER_OPTS "got "`wc -l $FILE | awk '{ print $1 }'` " IPs"
    fi

    ### remove old blocked entries
    FILE2=`mktemp`
    # export all rules with comment "BADIP"
    iptables-save | grep -e "--comment BADIP" | sed 's/-A/-D/' > $FILE2
    $IPTABLES_SAVE_BIN | grep -e "--comment BADIP" | sed 's/-A/-D/' > $FILE2
    logger $LOGGER_OPTS "removing "`wc -l $FILE2 | awk '{ print $1 }'` " old entries"
    # remove all IPs previously known as bad
    # HINT: use a while loop here since a for loop would require changing the IFS due to spaces in $FILE2
    while read RULE; do
    iptables $RULE
    $IPTABLES_BIN $RULE
    done < $FILE2
    rm $FILE2

    ### add new IPs
    for IP in $(cat $FILE); do
    iptables -I INPUT $RULE -s $IP -j DROP -m comment --comment "BADIP"
    $IPTABLES_BIN -I INPUT $RULE -s $IP -j DROP -m comment --comment "BADIP"
    done
    rm $FILE
    logger $LOGGER_OPTS "done applying IPs"
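Review bot: the insert line still carries a stale `$RULE` (`$IPTABLES_BIN -I INPUT $RULE -s $IP -j DROP -m comment --comment "BADIP"`): `RULE` is the loop variable of the `while read RULE` above and is empty after the loop only because `iptables-save` output ends with a newline; a final line without one would be skipped by the delete loop and then spliced, unquoted, into every insert. Remove `$RULE` from that line. A second problem in the same hunk: `grep -e "--comment BADIP"` matches only the bare form of the comment, so on a system whose `iptables-save` prints `--comment "BADIP"` no old rule is ever found and the `-I INPUT` lines pile up at the head of the chain on every run. A dedicated chain (`iptables -N BADIP` once, a single `-j BADIP` from INPUT, then `iptables -F BADIP` before re-adding) or an ipset would make the removal step exact and independent of iptables-save's output format.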

  2. @Aikhjarto Aikhjarto revised this gist Jun 1, 2014. 1 changed file with 18 additions and 9 deletions.
    27 changes: 18 additions & 9 deletions block_badips.sh
    @@ -1,39 +1,48 @@
    #!/bin/bash
    # This script downloads a list of IPs known for brute force attacking within the last two weeks.
    # The fetched IPs get blocked with iptables with the special comment "BADIP". This script only
    # modifies iptables rules with that comment. This measure makes it well compatible with other firewall
    # scripts like the SUSEFirewall.
    # The iptables rules are updated every time this script is executed. Additionally this script is
    # quiet on stdout, which makes it well suited for being executed as a cronjob.
    #
    # Please also use fail2ban with the badips modification and help to maintain the list of attackers.
    # See also: fail2ban and http:///www.badips.com


    FILE=`mktemp`

    LOGGER_OPTS="-t add_badips"

    # fetch IP list from badips.com
    URL="http://www.badips.com/get/list/ssh/2?age=2w"

    # download
    ### download
    logger $LOGGER_OPTS "fetching list of bad IPs from $URL"
    FILE=`mktemp`
    # curl or wget can be used to download. Uncomment line which one should be used
    curl -s $URL > $FILE
    #wget -q -O $FILE $URL
    if [ $? -ne 0 ]; then
    logger $LOGGER_OPTS -s "ERROR: download of $URL failed"
    exit 1
    else
    logger $LOGGER_OPTS "got "`wc -l $FILE | awk '{ print $1 }'` " IPs"
    fi

    # remove old blocked entries
    ### remove old blocked entries
    FILE2=`mktemp`
    # export all rules with comment "BADIP"
    iptables-save | grep -e "--comment BADIP" | sed 's/-A/-D/' > $FILE2
    logger $LOGGER_OPTS "removing "`wc -l $FILE2 | awk '{ print $1 }'` " old entries"
    # remove all IPs previously known as bad
    # HINT: use a while loop here since a for loop would require changing the IFS due to spaces in $FILE2
    while read RULE; do
    iptables $RULE
    done < $FILE2
    rm $FILE2


    # add new IPs
    ### add new IPs
    for IP in $(cat $FILE); do
    iptables -I INPUT $RULE -s $IP -j DROP -m comment --comment "BADIP"
    done

    logger $LOGGER_OPTS "done applying IPs"

    rm $FILE
    logger $LOGGER_OPTS "done applying IPs"
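Review bot: the new header comment promises a cron-friendly script that only touches BADIP rules, but the `exit 1` after a failed download still leaves the `mktemp` file behind (`rm $FILE` runs only on the success path); replace the two manual `rm` calls with `trap 'rm -f "$FILE" "$FILE2"' EXIT` right after the shebang. Also, `-I INPUT` inserts every IP at position 1 of the chain on each run, ahead of whatever the other firewall script mentioned in the comment (SUSEFirewall) placed there, including any ESTABLISHED,RELATED accept rule; either document that ordering effect in the comment or append the drops to a dedicated chain so the position is predictable.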
  3. @Aikhjarto Aikhjarto created this gist Jun 1, 2014.
    39 changes: 39 additions & 0 deletions block_badips.sh
    @@ -0,0 +1,39 @@
    #!/bin/bash


    FILE=`mktemp`

    LOGGER_OPTS="-t add_badips"

    # fetch IP list from badips.com
    URL="http://www.badips.com/get/list/ssh/2?age=2w"

    # download
    logger $LOGGER_OPTS "fetching list of bad IPs from $URL"
    curl -s $URL > $FILE
    if [ $? -ne 0 ]; then
    logger $LOGGER_OPTS -s "ERROR: download of $URL failed"
    exit 1
    else
    logger $LOGGER_OPTS "got "`wc -l $FILE | awk '{ print $1 }'` " IPs"
    fi

    # remove old blocked entries
    FILE2=`mktemp`
    iptables-save | grep -e "--comment BADIP" | sed 's/-A/-D/' > $FILE2
    logger $LOGGER_OPTS "removing "`wc -l $FILE2 | awk '{ print $1 }'` " old entries"
    # HINT: use a while loop here since a for loop would require changing the IFS due to spaces in $FILE2
    while read RULE; do
    iptables $RULE
    done < $FILE2
    rm $FILE2


    # add new IPs
    for IP in $(cat $FILE); do
    iptables -I INPUT $RULE -s $IP -j DROP -m comment --comment "BADIP"
    done

    logger $LOGGER_OPTS "done applying IPs"

    rm $FILE
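Review bot: the fetched list is trusted verbatim: `curl -s $URL` downloads over plain http, `-s` without `-f` makes curl exit 0 on a 4xx/5xx error body so the `$?` check passes, and `for IP in $(cat $FILE)` then hands every whitespace-separated token to `iptables -s ... -j DROP`. A tampered or error response therefore becomes DROP rules, and because nothing excludes the host's own gateway, resolvers or management networks, whoever can alter the list in transit can lock the host out. Use `curl -fsS` (and https if the service offers it), validate each token against an IPv4/CIDR pattern such as `grep -E '^[0-9]{1,3}(\.[0-9]{1,3}){3}(/[0-9]{1,2})?$'` before use, and skip a short allowlist of local ranges. Separately, `iptables -I INPUT $RULE -s $IP` references `$RULE`, the `while read RULE` loop variable, which has no meaning at that point and should be removed.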