deployment-web/roles/deploy-web/files/refill_blacklist.sh

#!/bin/bash

IPTABLES=/usr/sbin/iptables
BLACKLIST=/etc/sentinel/blacklist
chain_count=$(${IPTABLES} -L BLACKLIST -n | wc -l)
if [ ${chain_count} -eq 0 ]; then
	${IPTABLES} -N BLACKLIST
	${IPTABLES} -I INPUT 1 -p tcp -m tcp --dport 80 -j BLACKLIST
	${IPTABLES} -I INPUT 1 -p tcp -m tcp --dport 443 -j BLACKLIST

fi
if [ ! -f ${BLACKLIST} ]; then
	touch ${BLACKLIST}
fi
if [ ${chain_count} -gt 2 ]; then
	chain_count=$(echo ${chain_count}-2 |bc)
	iptables_ip=($(${IPTABLES} -nvL BLACKLIST | tail -n ${chain_count}  | awk '{print $8}'))
	for i in $(cat ${BLACKLIST})
	do
		block_ip=1
		for j in ${iptables_ip[@]}
		do
			if [ "${i}" == "${j}" ]; then
				block_ip=0
			fi
		done
		if [ ${block_ip} -eq 1 ]; then
			${IPTABLES} -A BLACKLIST -s ${i} -j DROP
		fi
	done
else
	for i in $(cat ${BLACKLIST})
	do
		${IPTABLES} -A BLACKLIST -s ${i} -j DROP
	done
fi
optimisation du script de blacklist 2023-02-08 21:17:11 +01:00			`#!/bin/bash`

fix path iptables for refill_blacklist 2023-03-04 10:47:04 +01:00			`IPTABLES=/usr/sbin/iptables`
optimisation du script de blacklist 2023-02-08 21:17:11 +01:00			`BLACKLIST=/etc/sentinel/blacklist`
fix path iptables for refill_blacklist 2023-03-04 10:47:04 +01:00			`chain_count=$(${IPTABLES} -L BLACKLIST -n \| wc -l)`
optimisation du script de blacklist 2023-02-08 21:17:11 +01:00			`if [ ${chain_count} -eq 0 ]; then`
fix path iptables for refill_blacklist 2023-03-04 10:47:04 +01:00			`${IPTABLES} -N BLACKLIST`
			`${IPTABLES} -I INPUT 1 -p tcp -m tcp --dport 80 -j BLACKLIST`
			`${IPTABLES} -I INPUT 1 -p tcp -m tcp --dport 443 -j BLACKLIST`
optimisation du script de blacklist 2023-02-08 21:17:11 +01:00
			`fi`
			`if [ ! -f ${BLACKLIST} ]; then`
			`touch ${BLACKLIST}`
			`fi`
			`if [ ${chain_count} -gt 2 ]; then`
			`chain_count=$(echo ${chain_count}-2 \|bc)`
fix path iptables for refill_blacklist 2023-03-04 10:47:04 +01:00			`iptables_ip=($(${IPTABLES} -nvL BLACKLIST \| tail -n ${chain_count} \| awk '{print $8}'))`
optimisation du script de blacklist 2023-02-08 21:17:11 +01:00			`for i in $(cat ${BLACKLIST})`
			`do`
			`block_ip=1`
			`for j in ${iptables_ip[@]}`
			`do`
			`if [ "${i}" == "${j}" ]; then`
			`block_ip=0`
			`fi`
			`done`
			`if [ ${block_ip} -eq 1 ]; then`
fix path iptables for refill_blacklist 2023-03-04 10:47:04 +01:00			`${IPTABLES} -A BLACKLIST -s ${i} -j DROP`
optimisation du script de blacklist 2023-02-08 21:17:11 +01:00			`fi`
			`done`
			`else`
			`for i in $(cat ${BLACKLIST})`
			`do`
fix path iptables for refill_blacklist 2023-03-04 10:47:04 +01:00			`${IPTABLES} -A BLACKLIST -s ${i} -j DROP`
optimisation du script de blacklist 2023-02-08 21:17:11 +01:00			`done`
			`fi`