From 1fcd29028d0c40e72a017187492809ec58d7026f Mon Sep 17 00:00:00 2001
From: q3aql
Date: Tue, 16 Apr 2024 19:12:27 +0200
Subject: [PATCH] Add block_ports variable
---
 blockauth | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)
diff --git a/blockauth b/blockauth
index 2a3840d..4cbd02c 100755
--- a/blockauth
+++ b/blockauth
@@ -79,6 +79,7 @@ else
 echo "blocklist=\"/etc/blockauth/blocklist.list\"" >> /etc/blockauth/blockauth.conf
 echo "filelog=\"/etc/blockauth/blockauth.log\"" >> /etc/blockauth/blockauth.conf
 echo "max_ip_blocklist=\"12500\"" >> /etc/blockauth/blockauth.conf
+ echo "block_ports=\"22,80,443\"" >> /etc/blockauth/blockauth.conf
 fi
 # Check integrity of configuration file
@@ -97,6 +98,9 @@ fi
 if [ -z "${max_ip_blocklist}" ] ; then
 echo "max_ip_blocklist=\"12500\"" >> /etc/blockauth/blockauth.conf
 fi
+if [ -z "${block_ports}" ] ; then
+ echo "block_ports=\"22,80,443\"" >> /etc/blockauth/blockauth.conf
+fi
 source /etc/blockauth/blockauth.conf
 # Force edit configuration file
@@ -155,7 +159,7 @@ while [ ${blockauth} -eq 0 ] ; do
 if [ -z "${read_block_ip}" ] ; then
 echo "blockauth: blocking ip ${block_ip}"
 echo "blockauth: blocking ip ${block_ip}" >> ${filelog}
- iptables -A OUTPUT -p tcp -d ${block_ip} --sport 22 -j DROP
+ iptables -A OUTPUT -p tcp -m multiport -d ${block_ip} --sports ${block_ports} -j DROP
 fi
 done
 # Reduce log
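Review bot: An installation upgraded with an existing config gets `block_ports="22,80,443"` appended by this check, so a blocked address now also loses replies from ports 80 and 443, where the rule removed further down covered only port 22. If upgrades should keep the old scope, the fallback written here could be `echo "block_ports=\"22\"" >> /etc/blockauth/blockauth.conf`, leaving the wider default to freshly created configs. The check only tests for an empty value, so a non-empty but malformed list is accepted and sourced as is.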
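Review bot: `${block_ports}` and `${block_ip}` are expanded unquoted in the new iptables line, and `block_ports` is free text from the sourced config file, so a value containing spaces is word-split into extra iptables arguments; quote both: `iptables -A OUTPUT -p tcp -m multiport -d "${block_ip}" --sports "${block_ports}" -j DROP`. The value should also be checked once, after the `source` line, to be a comma-separated list of port numbers or ranges, keeping in mind that multiport accepts at most 15 ports per rule. The "blocking ip" messages are written before iptables runs and its exit status is not checked, so a rejected port list would leave the log reporting a block that was never installed. The enclosing while loop starts and ends outside the hunk.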