Last active 1731172111

dominic revised this gist 1731172110. Go to revision

1 file changed, 49 insertions

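--- a/ubl-openbsd.sh
+++ b/ubl-openbsd.sh
@@ -0,0 +1,49 @@
+#!/bin/sh
+#
+# Author: Dominic Reich <quick.hat4396@qtztsjosmprqmgtunjyf.com>
+# export the blacklist table from pf (pfctl -t blacklist)
+# to the blocked.txt file on my http webroot
+
+if [[ $USER == "root" ]]; then
+echo >&2 "user must not be root! exiting."
+exit 1
+fi
+
+# add ips to table blacklist
+(for ip in `cat ~/ips`; do echo $ip;done) | xargs doas pfctl -t blacklist -T add
+
+# save sorted table blacklist into file /etc/blacklist
+doas pfctl -t blacklist -T show | sort -h | uniq | doas tee /etc/blacklist 1>/dev/null
+
+# continue to update the blocked.txt file in the webserver root
+# available at http://bor.oe7drt.com/blocked.txt
+BLOCKEDTXT=/home/dominic/pub/blocked/web.txt
+FILEBACKUP=3
+
+if [ ${FILEBACKUP} -ne 0 ]; then
+cp ${BLOCKEDTXT} ${BLOCKEDTXT}.$(date +%Y%m%d)
+fi
+
+BACKUPCOUNT=$(ls ${BLOCKEDTXT}.* | wc -l)
+BACKUPSTODELETE=$(expr ${BACKUPCOUNT} - ${FILEBACKUP})
+if [ ${BACKUPCOUNT} -gt ${FILEBACKUP} ]; then
+for f in $(ls -tr ${BLOCKEDTXT}.* | head -${BACKUPSTODELETE})
+do
+rm ${f}
+done
+fi
+
+rm -f ~/ips
+
+doas pfctl -t blacklist -T show | tee ${BLOCKEDTXT} 1>/dev/null
+
+doas pfctl -t blacklist -T test $(w | tail -1 | awk '{ print $3}')
+
+echo
+
+#doas pfctl -nf /etc/pf.conf
+
+doas pfctl -vf /etc/pf.conf
+
+echo doas pfctl -ss
+echo doas pfctl -Fs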
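Review bot: The add step on new-file line 13 word-splits `~/ips` through backticks and xargs into a `doas pfctl` argument list with no validation and no status check, and line 36 then removes `~/ips` unconditionally, so a failed or partial add silently discards the input. pfctl can read the address file itself, which avoids the splitting and xargs quoting pitfalls and lets the script stop before the delete: `doas pfctl -t blacklist -T add -f ~/ips || exit 1`. Separately, the `-T test` on line 40 takes its address from the third column of the last `w` row, which is not necessarily the current session or an address at all, and its result does not gate the `pfctl -vf /etc/pf.conf` reload on line 46. If that test is meant as a self-lockout check, I would add a comment such as `# informational only: shows whether my own address is in the blacklist` or stop before the reload when it reports a match, after confirming pfctl's exit-status semantics for `-T test`.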