sip-tarpit/action_script.sh

21 lines
572 B
Bash
Raw Permalink Normal View History

2024-04-18 13:43:01 +02:00
#!/bin/sh
# Script to run when a new suspicious IP address is detected.
# Example for Linux:
# iptables -I INPUT -s $1 -j DROP
#
# Example for OpenBSD:
# Having this line in /etc/doas.conf
# permit nopass _tarpit as root cmd /sbin/pfctl
# And having a table defined in pf.conf:
2024-04-18 13:43:01 +02:00
# table <blacklist> persist file "/etc/blacklist"
# block drop in quick from <blacklist> to any
# then it is possible to add/delete dinamically:
# doas /sbin/pfctl -t blacklist -T add $1
# doas /sbin/pfctl -t blacklist -T delete $1
2024-04-18 13:43:01 +02:00
# Example for "debugging":
echo $1 > /tmp/foo