
dominic revised this gist 1731172041. Go to revision

1 file changed, 57 insertions

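--- a/ubl-arch.sh
+++ b/ubl-arch.sh
@@ -0,0 +1,57 @@
+#!/bin/sh
+# 2024-05-26
+# lastmod: 2024-10-05
+# Dominic Reich <quick.hat4396@qtztsjosmprqmgtunjyf.com>
+
+BFILE=/srv/http/blocked.txt
+IPFILE=~/ips
+
+if [[ $USER == "root" ]]; then
+echo >&2 "User must not be root! Exiting"
+exit 1
+fi
+
+if [[ ! -r $IPFILE ]]; then
+echo >&2 "Could not find/open ip file: ${IPFILE}"
+exit 1
+fi
+
+COUNT=$(wc -l ${IPFILE} | cut -d' ' -f1)
+OLDNUM=$(sudo ipset --terse -L | grep "Number of entries:" | cut -d: -f2 | xargs)
+
+while read ip; do sudo ipset -exist -A badips "$ip"; done < $IPFILE
+
+FILEBACKUP=3
+
+TODAY=$(ls ${BFILE}.$(date +%Y%m%d)-* 2>/dev/null| wc -l)
+if [ ${FILEBACKUP} -ne 0 ]; then
+# sudo cp ${BFILE} ${BFILE}.$(date +%Y%m%d)
+sudo cp ${BFILE} ${BFILE}.$(date +%Y%m%d)-$(expr ${TODAY} + 1)
+fi
+
+BACKUPCOUNT=$(expr $(ls ${BFILE}.* | wc -l) - $TODAY - 1)
+BACKUPSTODELETE=$(expr ${BACKUPCOUNT} - ${FILEBACKUP})
+if [ ${BACKUPCOUNT} -gt ${FILEBACKUP} ]; then
+for f in $(ls -tr ${BFILE}.* | head -${BACKUPSTODELETE})
+do
+sudo rm ${f}
+done
+fi
+
+# save to blocklist file in webroot
+sudo ipset -output save -L | grep add | awk '{ print $3 }' | sort -g | sudo tee ${BFILE} 1>/dev/null
+
+# save to /etc/ipset.conf
+sudo ipset save -file /etc/ipset.conf
+
+# Test if current ip is in the badips set
+# sudo ipset -q -T badips $(who | tail -1 | awk -F '[()]' '{ print $2 }')
+sudo ipset -T badips $(who | tail -1 | awk -F '[()]' '{ print $2 }')
+
+#sudo ipset --terse -L
+
+NEWNUM=$(sudo ipset --terse -L | grep "Number of entries:" | cut -d: -f2 | xargs)
+
+rm -f $IPFILE
+
+echo "Added $((${NEWNUM}-${OLDNUM}))/${COUNT} IPs (${OLDNUM} → ${NEWNUM})"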
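Review bot: The loop at new line 22 passes every line of `$IPFILE` to `sudo ipset -exist -A badips` unchecked, so a blank line, a stray token or an entry starting with `-` reaches a root-run command as-is, and `read` without `-r` also mangles backslashes. Each entry should be checked against an address/CIDR character set before the `sudo` call and skipped otherwise, with `$IPFILE` quoted on the redirect; the character class in the fence covers IPv4 and IPv6 and should be narrowed to the set's actual family, which the page does not show. Separately, the `[[ … ]]` tests at new lines 9 and 14 are bashisms under `#!/bin/sh`: where `/bin/sh` is not bash they would error out and the script would carry on past both guards, so either switch the shebang to bash or use `[ "$(id -u)" -eq 0 ]` and `[ ! -r "$IPFILE" ]`.

```sh
# … unchanged: COUNT / OLDNUM capture …
while IFS= read -r ip; do
  case $ip in
    '' | *[!0-9A-Fa-f.:/]*)
      echo >&2 "Skipping invalid entry: ${ip}"
      continue
      ;;
  esac
  sudo ipset -exist -A badips "$ip"
done < "$IPFILE"
```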