diff options
| author | root <root@vadmin.(none)> | 2010-06-09 21:28:36 -0400 |
|---|---|---|
| committer | root <root@vadmin.(none)> | 2010-06-09 21:28:36 -0400 |
| commit | aac6f344f0670283401fdf9ee71ab77bdef7cdcc (patch) | |
| tree | 418b2f67a896c714c613c47e1d49812fd0b028ce /config/countryblock/execute.sh | |
| parent | 0c858a2798e4ff467f6bd8b6c76b5695359ade0f (diff) | |
| download | pfsense-packages-aac6f344f0670283401fdf9ee71ab77bdef7cdcc.tar.gz pfsense-packages-aac6f344f0670283401fdf9ee71ab77bdef7cdcc.tar.bz2 pfsense-packages-aac6f344f0670283401fdf9ee71ab77bdef7cdcc.zip | |
Addming countryblock package
Diffstat (limited to 'config/countryblock/execute.sh')
| -rw-r--r-- | config/countryblock/execute.sh | 59 |
1 files changed, 59 insertions, 0 deletions
diff --git a/config/countryblock/execute.sh b/config/countryblock/execute.sh new file mode 100644 index 00000000..f109f896 --- /dev/null +++ b/config/countryblock/execute.sh @@ -0,0 +1,59 @@ +pfctl -t countryblock -T kill +sed -i -e '/countryblock/d' /tmp/rules.debug + +#Now edit /tmp/rules.debug + +#find my line for table +export i=`grep -n 'block quick from any to <snort2c>' /tmp/rules.debug | grep -o '[0-9]\{2,4\}'` +export t=`grep -n 'User Aliases' /tmp/rules.debug |grep -o '[0-9]'` + +i=$(($i+'1')) +t=$(($t+'1')) +#echo $i +#echo $t + + +rm /tmp/rules.debug.tmp + +#Insert table-entry limit +sed -i -e '/900000/d' /tmp/rules.debug +while read line + do a=$(($a+1)); + #echo $a; + if [ "$a" = "$t" ]; then + echo "" >> /tmp/rules.debug.tmp + echo "set limit table-entries 900000" >> /tmp/rules.debug.tmp + fi + echo $line >> /tmp/rules.debug.tmp +done < "/tmp/rules.debug" + +mv /tmp/rules.debug /tmp/rules.debug.old +mv /tmp/rules.debug.tmp /tmp/rules.debug + +pfctl -o basic -f /tmp/rules.debug > errorOUT.txt 2>&1 + +rm /tmp/rules.debug.tmp + +#Insert countryblock rules +a="0" +echo $a +while read line + do a=$(($a+1)); + echo $a; + if [ "$a" = "$i" ]; then + echo "" >> /tmp/rules.debug.tmp + echo "#countryblock" >> /tmp/rules.debug.tmp + echo "table <countryblock> persist file '/usr/local/www/packages/countryblock/lists/countries.txt'" >> /tmp/rules.debug.tmp + echo "block quick from <countryblock> to any label 'countryblock'" >> /tmp/rules.debug.tmp + if [ -f OUTBOUND ]; then + echo "block quick from any to <countryblock> label 'countryblock'" >> /tmp/rules.debug.tmp + fi + fi + echo $line >> /tmp/rules.debug.tmp +done < "/tmp/rules.debug" + +mv /tmp/rules.debug /tmp/rules.debug.old +mv /tmp/rules.debug.tmp /tmp/rules.debug + +rm errorOUT.txt +pfctl -o basic -f /tmp/rules.debug > errorOUT.txt 2>&1 |