From: xf0r3m Date: Tue, 23 Jan 2024 15:43:15 +0000 (+0100) Subject: Dodanie pliku bany.sh X-Git-Url: https://gitweb.morketsmerke.org/?a=commitdiff_plain;h=bb6c58c45ad86c242c2bcc8512adf839d82619bb;p=backup.git Dodanie pliku bany.sh --- diff --git a/bany.sh b/bany.sh new file mode 100755 index 0000000..0ae34e9 --- /dev/null +++ b/bany.sh @@ -0,0 +1,62 @@ +#!/bin/bash + +if [ ! -x /usr/sbin/iptables ]; then + sudo apt install -y iptables netfilter-persistent; +fi + +tempfile="/tmp/bany.json"; + +knockingIPList=$(sudo lastb | awk '{printf $3"\n"}' | sort | uniq | grep '^[0-9]' | awk '{printf $1" "}'); +if [ ! "$knockinIPList" ]; then + knockingIPList=$(sudo lastb | awk '{printf $2"\n"}' | sort | uniq | grep '^[0-9]' | awk '{printf $1" "}') +fi + +if [ -f "bany_$(date +%d.+%m.+%y).txt" ]; then + echo > bany_$(date +%d.+%m.+%y).txt +fi + +for IP in $knockingIPList; do + wget https://api.seeip.org/geoip/${IP} -O $tempfile >> /dev/null 2>&1 + country=$(sed -nr 's/.+"country":"([^"]*).+/\1/p' $tempfile); + if [ "$country" = "Poland" ]; then + isp=$(sed -nr 's/.+"organization":"([^"]*).+/\1/p' $tempfile) + echo "$IP - $country - $isp"; + else + echo "$IP - $country"; + fi + while [ ! "$banned" ] || [ "$(echo $banned | tr [A-Z] [a-z])" = "more" ]; do + echo -n "Czy zablokować możliwość połączenia się tego adresu IP z naszym adresem [t/N/more]: "; + read banned; + if [ "$(echo $banned | tr [A-Z] [a-z])" = "t" ]; then + echo; + sudo iptables -A INPUT -s $IP -p tcp --dport 2022 -j DROP; + echo "Adres ip został zablokowany."; + echo "$IP - $country - Zbanowany!" >> bany_$(date +%d.%m.%y).txt + elif [ "$(echo $banned | tr [A-Z] [a-z])" = "more" ]; then + sed -e 's,[{}],,g' -e 's/,/\n/g' -e 's,",,g' -e 's,:,:\t,g' $tempfile && echo; + else + echo; + echo "$IP - $country - niezbanowany." >> bany_$(date +%d.%m.%y).txt + break; + fi + done + banned=""; +done + +echo -n "Wyświetlić tablicę IPtables? [T/n]: "; +read -n 1 show_table; +if [ ! "$show_table" ] || [ "$(echo $show_table | tr [A-Z] [a-z])" = "t" ]; then + sudo iptables -L -n +fi + +echo -n "Zapisać obecny stan tablicy iptables? [T/n]: "; +read -n 1 save_table; +if [ ! "$save_table" ] || [ "$(echo $save_table | tr [A-Z] [a-z])" = "t" ]; then + sudo netfilter-persistent save +fi + +echo -n "Oczyścić log prób logowania? [T/n]: "; +read -n 1 clear_btmp; +if [ ! "$clear_btmp" ] || [ "$(echo $clear_table | tr [A-Z] [a-z])" = "t" ]; then + echo | sudo tee /var/log/btmp; +fi