author | Tom Schaefer <tom@tomschaefer.org> | 2010-12-06 12:02:29 -0500 |
---|---|---|
committer | Tom Schaefer <tom@tomschaefer.org> | 2010-12-06 12:04:16 -0500 |
commit | 7ba42aa8f14fd2eb9e7e956ed7429591ab98ef91 (patch) | |
tree | 1b723417fa48409b0022a6b31399b7401b0a968c /config/ipblocklist/IP-Blocklist.sh | |
parent | f1bb4cef07fdeb29b5519f59041ae6e0e2bb4308 (diff) | |
prep for major filestructure re-do
Diffstat (limited to 'config/ipblocklist/IP-Blocklist.sh')
-rw-r--r-- | config/ipblocklist/IP-Blocklist.sh | 131 |
1 files changed, 0 insertions, 131 deletions
diff --git a/config/ipblocklist/IP-Blocklist.sh b/config/ipblocklist/IP-Blocklist.sh
deleted file mode 100644
index 442d9443..00000000
--- a/config/ipblocklist/IP-Blocklist.sh
+++ /dev/null
@@ -1,131 +0,0 @@
-#!/bin/sh
-
-#check if ipblocklist running
-export resultr=`pfctl -s rules | grep -c ipblocklist`
-
-#echo $resultr
-if [ "$resultr" -gt "0" ]; then
- echo running
- exit 1
-else
- echo not running
- /usr/bin/logger -s "IP-Blocklist was found not running"
- echo "IP-Blocklist not running" | /usr/local/bin/php /usr/local/www/packages/ipblocklist/email_send.php
-fi
-
-
-#kill tables to elminate dups
-/sbin/pfctl -t ipblocklist -T kill
-/sbin/pfctl -t ipblocklistW -T kill
-/usr/bin/sed -i -e '/ipblocklist/d' /tmp/rules.debug
-/usr/bin/sed -i -e '/ipblocklistW/d' /tmp/rules.debug
-
-#Generate lists to process
-ls /usr/local/www/packages/ipblocklist/lists > /usr/local/www/packages/ipblocklist/file_list.txt
-ls /usr/local/www/packages/ipblocklist/Wlists > /usr/local/www/packages/ipblocklist/file_Wlist.txt
-filelist="/usr/local/www/packages/ipblocklist/file_list.txt"
-Wfilelist="/usr/local/www/packages/ipblocklist/file_Wlist.txt"
-
-#READ contents in file_list.txt and process as file
-for fileline in $(cat $filelist); do
-iplist="/usr/local/www/packages/ipblocklist/lists/$fileline"
-iplistout="/usr/local/www/packages/ipblocklist/lists/ipfw.ipfw"
-#sleep 5
-#echo "file name: "
-#echo $iplist
-#sleep 5
-if [ "$iplist" != "/usr/local/www/packages/ipblocklist/lists/ipfw.ipfw" ]; then
- #/usr/bin/perl /usr/local/www/packages/ipblocklist/convert.pl $iplist $iplistout
- #echo "THIS JUST RAN"
-fi
-#sleep 5
-done
-
-#Whitelist
-for Wfileline in $(cat $Wfilelist); do
-Wiplist="/usr/local/www/packages/ipblocklist/Wlists/$Wfileline"
-Wiplistout="/usr/local/www/packages/ipblocklist/Wlists/whitelist"
-/usr/bin/perl /usr/local/www/packages/ipblocklist/convert.pl $Wiplist $Wiplistout
-done
-#echo "ipfw made"
-
-#clean up ipfw.ipfw (duplicates)
-rm /usr/local/www/packages/ipblocklist/lists/ipfw.ipfwTEMP
-/usr/bin/sort /usr/local/www/packages/ipblocklist/lists/ipfw.ipfw | uniq -u >> /usr/local/www/packages/ipblocklist/lists/ipfw.ipfwTEMP
-mv /usr/local/www/packages/ipblocklist/lists/ipfw.ipfwTEMP /usr/local/www/packages/ipblocklist/lists/ipfw.ipfw
-#echo "ipfw clean"
-
-#clean up whitelist (duplicates)
-rm /usr/local/www/packages/ipblocklist/Wlists/whitelistTEMP
-/usr/bin/sort Wlists/whitelist | uniq -u >> /usr/local/www/packages/ipblocklist/Wlists/whitelistTEMP
-mv /usr/local/www/packages/ipblocklist/Wlists/whitelistTEMP /usr/local/www/packages/ipblocklist/Wlists/whitelist
-#echo "whitelist clean"
-
-
-
-#Now edit /tmp/rules.debug
-
-#find my line for table
-export i=`grep -n 'block quick from any to <snort2c>' /tmp/rules.debug | grep -o '[0-9]\{2,4\}'`
-export t=`grep -n 'User Aliases' /tmp/rules.debug |grep -o '[0-9]\{1,2\}'`
-
-i=$(($i+'1'))
-t=$(($t+'1'))
-#echo $i
-#echo $t
-
-rm /tmp/rules.debug.tmp
-
-#Insert table-entry limit
-/usr/bin/sed -i -e '/900000/d' /tmp/rules.debug
-while read line
- do a=$(($a+1));
- #echo $a;
- if [ "$a" = "$t" ]; then
- echo "" >> /tmp/rules.debug.tmp
- echo "set limit table-entries 900000" >> /tmp/rules.debug.tmp
- fi
- echo $line >> /tmp/rules.debug.tmp
-done < "/tmp/rules.debug"
-
-mv /tmp/rules.debug /tmp/rules.debug.old
-mv /tmp/rules.debug.tmp /tmp/rules.debug
-
-/sbin/pfctl -o basic -f /tmp/rules.debug > /usr/local/www/packages/ipblocklist/errorOUT.txt 2>&1
-
-rm /tmp/rules.debug.tmp
-#Insert ipblocklist rules
-a="0"
-echo $a
-while read line
- do a=$(($a+1));
- echo $a;
- if [ "$a" = "$i" ]; then
- echo "" >> /tmp/rules.debug.tmp
- echo "#ipblocklist" >> /tmp/rules.debug.tmp
- echo "table <ipblocklist> persist file '/usr/local/www/packages/ipblocklist/lists/ipfw.ipfw'" >> /tmp/rules.debug.tmp
- echo "table <ipblocklistW> persist file '/usr/local/www/packages/ipblocklist/Wlists/whitelist'" >> /tmp/rules.debug.tmp
-
- for i in $(cat /usr/local/www/packages/ipblocklist/interfaces.txt); do
- echo "pass quick from <ipblocklistW> to any label 'IP-Blocklist'" >> /tmp/rules.debug.tmp
- echo "pass quick from $i to <ipblocklistW> label 'IP-Blocklist'" >> /tmp/rules.debug.tmp
- if [ -f /usr/local/www/packages/ipblocklist/logging ]; then
- echo "block log quick from <ipblocklist> to $i label 'IP-Blocklist'" >> /tmp/rules.debug.tmp
- else
- echo "block quick from <ipblocklist> to $i label 'IP-Blocklist'" >> /tmp/rules.debug.tmp
- fi
- if [ -f /usr/local/www/packages/ipblocklist/OUTBOUND ]; then
- echo "block quick from $i to <ipblocklist> label 'IP-Blocklist'" >> /tmp/rules.debug.tmp
- fi
- done
- fi
- echo $line >> /tmp/rules.debug.tmp
-done < "/tmp/rules.debug"
-
-mv /tmp/rules.debug /tmp/rules.debug.old
-mv /tmp/rules.debug.tmp /tmp/rules.debug
-
-#Now execute the ipfw list (Take a long time in old version)
-#sh lists/ipfw.ipfw (Version 0.1.4)
-rm /usr/local/www/packages/ipblocklist/errorOUT.txt
-/sbin/pfctl -o basic -f /tmp/rules.debug > /usr/local/www/packages/ipblocklist/errorOUT.txt 2>&1 |