Add block_ports variable

q3aql 2024-04-16 19:12:27 +02:00
parent a0d41ed859
commit 1fcd29028d


@ -79,6 +79,7 @@ else
echo "blocklist=\"/etc/blockauth/blocklist.list\"" >> /etc/blockauth/blockauth.conf echo "blocklist=\"/etc/blockauth/blocklist.list\"" >> /etc/blockauth/blockauth.conf
echo "filelog=\"/etc/blockauth/blockauth.log\"" >> /etc/blockauth/blockauth.conf echo "filelog=\"/etc/blockauth/blockauth.log\"" >> /etc/blockauth/blockauth.conf
echo "max_ip_blocklist=\"12500\"" >> /etc/blockauth/blockauth.conf echo "max_ip_blocklist=\"12500\"" >> /etc/blockauth/blockauth.conf
echo "block_ports=\"22,80,443\"" >> /etc/blockauth/blockauth.conf
fi fi
# Check integrity of configuration file # Check integrity of configuration file
@ -97,6 +98,9 @@ fi
if [ -z "${max_ip_blocklist}" ] ; then if [ -z "${max_ip_blocklist}" ] ; then
echo "max_ip_blocklist=\"12500\"" >> /etc/blockauth/blockauth.conf echo "max_ip_blocklist=\"12500\"" >> /etc/blockauth/blockauth.conf
fi fi
if [ -z "${block_ports}" ] ; then
echo "block_ports=\"22,80,443\"" >> /etc/blockauth/blockauth.conf
fi
source /etc/blockauth/blockauth.conf source /etc/blockauth/blockauth.conf
# Force edit configuration file # Force edit configuration file
@ -155,7 +159,7 @@ while [ ${blockauth} -eq 0 ] ; do
if [ -z "${read_block_ip}" ] ; then if [ -z "${read_block_ip}" ] ; then
echo "blockauth: blocking ip ${block_ip}" echo "blockauth: blocking ip ${block_ip}"
echo "blockauth: blocking ip ${block_ip}" >> ${filelog} echo "blockauth: blocking ip ${block_ip}" >> ${filelog}
iptables -A OUTPUT -p tcp -d ${block_ip} --sport 22 -j DROP iptables -A OUTPUT -p tcp -m multiport -d ${block_ip} --sports ${block_ports} -j DROP
fi fi
done done
# Reduce log # Reduce log
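Review bot: In the third hunk `${block_ports}` reaches `iptables ... --sports` unquoted and unvalidated, and the "blocking ip" message is echoed and logged before the rule is added, so a malformed value in blockauth.conf (a space, a trailing comma, or more than the 15 ports the multiport match accepts) makes iptables reject the rule while the log still reports the address as blocked. The second hunk only tests for an empty value, so it does not catch this. I would validate the value once after `source /etc/blockauth/blockauth.conf` (digits, commas and `:` ranges only, at most 15 entries, falling back to `22,80,443` with a warning), quote both expansions, and record a failed insert: `iptables -A OUTPUT -p tcp -m multiport -d "${block_ip}" --sports "${block_ports}" -j DROP || echo "blockauth: failed to block ip ${block_ip}" >> "${filelog}"`. The enclosing `while` loop starts and ends outside the hunk.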