2024-04-18 13:43:01 +02:00
|
|
|
#!/bin/sh
|
|
|
|
# Script to run when a new suspicious IP address is detected.
|
|
|
|
|
|
|
|
# Example for Linux:
|
|
|
|
# iptables -I INPUT -s $1 -j DROP
|
|
|
|
#
|
|
|
|
# Example for OpenBSD:
|
2024-04-18 17:34:26 +02:00
|
|
|
# Having this line in /etc/doas.conf
|
|
|
|
# permit nopass _tarpit as root cmd /sbin/pfctl
|
|
|
|
# And having a table defined in pf.conf:
|
2024-04-18 13:43:01 +02:00
|
|
|
# table <blacklist> persist file "/etc/blacklist"
|
|
|
|
# block drop in quick from <blacklist> to any
|
2024-04-18 17:34:26 +02:00
|
|
|
# then it is possible to add/delete dinamically:
|
|
|
|
# doas /sbin/pfctl -t blacklist -T add $1
|
|
|
|
# doas /sbin/pfctl -t blacklist -T delete $1
|
2024-04-18 13:43:01 +02:00
|
|
|
|
|
|
|
# Example for "debugging":
|
|
|
|
echo $1 > /tmp/foo
|
|
|
|
|
|
|
|
|