#!/bin/sh #check if ipblocklist running export resultr=`pfctl -s rules | grep -c ipblocklist` #echo $resultr if [ "$resultr" -gt "0" ]; then echo running exit 1 else echo not running /usr/bin/logger -s "IP-Blocklist was found not running" #echo "IP-Blocklist not running" | /usr/local/bin/php /usr/local/www/packages/ipblocklist/email_send.php fi ##kill tables to elminate dups /sbin/pfctl -t ipblocklist -T kill /sbin/pfctl -t ipblocklistW -T kill /usr/bin/sed -i -e '/ipblocklist/d' /tmp/rules.debug /usr/bin/sed -i -e '/ipblocklistW/d' /tmp/rules.debug ##Generate lists to process #ls /usr/local/www/packages/ipblocklist/lists > /usr/local/www/packages/ipblocklist/file_list.txt #ls /usr/local/www/packages/ipblocklist/Wlists > /usr/local/www/packages/ipblocklist/file_Wlist.txt filelist="/usr/local/www/packages/ipblocklist/file_list.txt" Wfilelist="/usr/local/www/packages/ipblocklist/file_Wlist.txt" ##READ contents in file_list.txt and process as file #for fileline in $(cat $filelist); do #iplist="/usr/local/www/packages/ipblocklist/lists/$fileline" #iplistout="/usr/local/www/packages/ipblocklist/lists/ipfw.ipfw" ##sleep 5 ##echo "file name: " ##echo $iplist ##sleep 5 #if [ "$iplist" != "/usr/local/www/packages/ipblocklist/lists/ipfw.ipfw" ]; then # #/usr/bin/perl /usr/local/www/packages/ipblocklist/convert.pl $iplist $iplistout # #echo "THIS JUST RAN" #fi ##sleep 5 #done #Whitelist #for Wfileline in $(cat $Wfilelist); do #Wiplist="/usr/local/www/packages/ipblocklist/Wlists/$Wfileline" #Wiplistout="/usr/local/www/packages/ipblocklist/Wlists/whitelist" #/usr/bin/perl /usr/local/www/packages/ipblocklist/convert.pl $Wiplist $Wiplistout #done #echo "ipfw made" ##clean up ipfw.ipfw (duplicates) #rm /usr/local/www/packages/ipblocklist/lists/ipfw.ipfwTEMP #/usr/bin/sort /usr/local/www/packages/ipblocklist/lists/ipfw.ipfw | uniq >> /usr/local/www/packages/ipblocklist/lists/ipfw.ipfwTEMP #mv /usr/local/www/packages/ipblocklist/lists/ipfw.ipfwTEMP /usr/local/www/packages/ipblocklist/lists/ipfw.ipfw ##echo "ipfw clean" ##clean up whitelist (duplicates) #rm /usr/local/www/packages/ipblocklist/Wlists/whitelistTEMP #/usr/bin/sort Wlists/whitelist | uniq >> /usr/local/www/packages/ipblocklist/Wlists/whitelistTEMP #mv /usr/local/www/packages/ipblocklist/Wlists/whitelistTEMP /usr/local/www/packages/ipblocklist/Wlists/whitelist ##echo "whitelist clean" ##Now edit /tmp/rules.debug ##find my line for table export i=`grep -n 'block quick from any to <snort2c>' /tmp/rules.debug | grep -o '[0-9]\{2,4\}'` export t=`grep -n 'User Aliases' /tmp/rules.debug |grep -o '[0-9]\{1,2\}'` i=$(($i+'1')) t=$(($t+'1')) #echo $i #echo $t rm /tmp/rules.debug.tmp #Insert table-entry limit /usr/bin/sed -i -e '/900000/d' /tmp/rules.debug while read line do a=$(($a+1)); #echo $a; if [ "$a" = "$t" ]; then echo "" >> /tmp/rules.debug.tmp echo "set limit table-entries 900000" >> /tmp/rules.debug.tmp fi echo $line >> /tmp/rules.debug.tmp done < "/tmp/rules.debug" mv /tmp/rules.debug /tmp/rules.debug.old mv /tmp/rules.debug.tmp /tmp/rules.debug /sbin/pfctl -o basic -f /tmp/rules.debug > /usr/local/www/packages/ipblocklist/errorOUT.txt 2>&1 rm /tmp/rules.debug.tmp #Insert ipblocklist rules a="0" echo $a while read line do a=$(($a+1)); echo $a; if [ "$a" = "$i" ]; then echo "" >> /tmp/rules.debug.tmp echo "#ipblocklist" >> /tmp/rules.debug.tmp echo "table <ipblocklist> persist file '/usr/local/www/packages/ipblocklist/lists/ipfw.ipfw'" >> /tmp/rules.debug.tmp echo "table <ipblocklistW> persist file '/usr/local/www/packages/ipblocklist/Wlists/whitelist'" >> /tmp/rules.debug.tmp for i in $(cat /usr/local/www/packages/ipblocklist/interfaces.txt); do echo "pass quick from <ipblocklistW> to any label 'IP-Blocklist'" >> /tmp/rules.debug.tmp echo "pass quick from $i to <ipblocklistW> label 'IP-Blocklist'" >> /tmp/rules.debug.tmp if [ -f /usr/local/www/packages/ipblocklist/logging ]; then echo "block log quick from <ipblocklist> to $i label 'IP-Blocklist'" >> /tmp/rules.debug.tmp else echo "block quick from <ipblocklist> to $i label 'IP-Blocklist'" >> /tmp/rules.debug.tmp fi if [ -f /usr/local/www/packages/ipblocklist/OUTBOUND ]; then echo "block quick from $i to <ipblocklist> label 'IP-Blocklist'" >> /tmp/rules.debug.tmp fi done fi echo $line >> /tmp/rules.debug.tmp done < "/tmp/rules.debug" mv /tmp/rules.debug /tmp/rules.debug.old mv /tmp/rules.debug.tmp /tmp/rules.debug #Now execute the ipfw list (Take a long time in old version) #sh lists/ipfw.ipfw (Version 0.1.4) rm /usr/local/www/packages/ipblocklist/errorOUT.txt /sbin/pfctl -o basic -f /tmp/rules.debug > /usr/local/www/packages/ipblocklist/errorOUT.txt 2>&1