Version 1 (modified by chris, 10 months ago) (diff) |
---|
Script on PuffinServer to block IP addresses using IP tables:
#!/usr/bin/env bash # location of the logchange script DIR=/usr/local/webarch LOGCHANGE="$DIR/bin/logchange" # check that the script is being run by root if [[ "$(id -u)" != "0" ]] ; then echo "You must run '$0' as root or via sudo" exit 1 fi # check that the logchange script is installed if [[ ! -f "${LOGCHANGE}" ]] ; then echo "You need to install the '${LOGCHANGE}' script before you can run $0" exit 2 fi # check for a IP address on standard input if [[ $1 ]]; then IP="$1" elif [[ ! "$1" ]]; then echo "Type IP address you would like dropped and then [ENTER]:" read ip IP=${ip} fi # drop the ip address iptables -I INPUT -s $IP -j DROP # save the changes bash -c "iptables-save > /etc/network/iptables.save" # record the changes logchange "$IP : dropped" exit 0