add iptables blacklist

Valentin CZERYBA 2023-02-05 17:58:15 +01:00
parent cc219924cc
commit c7ddbd20b6


@ -6,6 +6,9 @@ BLACKLIST=/etc/sentinel/blacklist
chain_count=$(iptables -L BLACKLIST | wc -l) chain_count=$(iptables -L BLACKLIST | wc -l)
if [ ${chain_count} -eq 0 ]; then if [ ${chain_count} -eq 0 ]; then
iptables -N BLACKLIST iptables -N BLACKLIST
iptables -A INPUT -p tcp -m tcp --dport 80 -j BLACKLIST
iptables -A INPUT -p tcp -m tcp --dport 443 -j BLACKLIST
fi fi
if [ ! -f ${BLACKLIST} ]; then if [ ! -f ${BLACKLIST} ]; then
touch ${BLACKLIST} touch ${BLACKLIST}
@ -49,5 +52,4 @@ do
cat ${BLACKLIST} >> ${MAIL} cat ${BLACKLIST} >> ${MAIL}
cat ${MAIL} |mail -s "Blacklist IP ${i}" valczebackup@gmail.com cat ${MAIL} |mail -s "Blacklist IP ${i}" valczebackup@gmail.com
fi fi
#rm $directory_host/*
done done
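Review bot: The two INPUT jump rules in the first hunk are installed only in the branch that creates the BLACKLIST chain, so a host where the chain already exists (for example one that ran the parent revision, which created the chain without these jumps) never gets them and the blacklist is silently not enforced. They are also appended with `-A`, so any ACCEPT rule for ports 80/443 already earlier in INPUT matches first and the BLACKLIST chain is never consulted. I would move them out of the `if` and make them idempotent and first in the chain: `iptables -C INPUT -p tcp --dport 80 -j BLACKLIST 2>/dev/null || iptables -I INPUT 1 -p tcp --dport 80 -j BLACKLIST`, and the same for 443. IPv6 clients are not filtered by these rules unless they are mirrored with `ip6tables`. The rest of the script lies outside the hunks, so whether other code already handles ordering cannot be confirmed from here.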