From f008726714fcc144188e65121d22f53f33f22f3b Mon Sep 17 00:00:00 2001 From: q3aql Date: Sun, 14 Apr 2024 21:05:41 +0200 Subject: [PATCH] Reset blocklist when maximum is reached --- blockauth | 14 +++++++++----- 1 file changed, 9 insertions(+), 5 deletions(-) diff --git a/blockauth b/blockauth index a42f99f..7318fb2 100755 --- a/blockauth +++ b/blockauth @@ -17,8 +17,8 @@ else fi # Check dependencies -path_check="/usr/bin /bin /usr/local/bin /sbin ${HOME}/.local/bin" -dependencies="iptables cat grep sort sed rm echo systemctl" +path_check="/usr/bin /bin /usr/local/bin /sbin ${HOME}/.local/bin /home/linuxbrew/.linuxbrew/bin" +dependencies="iptables cat grep sort sed rm echo wc touch systemctl" dependencies_found="" dependencies_not_found="" for checkPath in ${path_check} ; do @@ -118,6 +118,13 @@ while [ ${blockauth} -eq 0 ] ; do sed -i "s/Failed password for invalid user ${user} from/blockauth\[allowed\]\: invalid pass for ${user} from/g" /var/log/auth.log systemctl restart rsyslog &> /dev/null done + # Reset blocklist when maximum is reached + num_blocklist=$(cat ${blocklist} | wc -l) + if [ "${num_blocklist}" -ge "${max_ip_blocklist}" ] ; then + rm -rf ${blocklist} + touch ${blocklist} + iptables -F + fi touch ${blocklist} cat ${blocklist} > ${blocklist}.temp echo "blockauth: creating blocklist" @@ -126,7 +133,6 @@ while [ ${blockauth} -eq 0 ] ; do sort -u ${blocklist}.temp > ${blocklist} rm -rf ${blocklist}.temp sed -i 's/Failed password for/blockauth\[blocked\]\: invalid pass for/g' /var/log/auth.log - # Exclude allowed IPs if [ -z "${always_ip_allowed}" ] ; then echo "blockauth: running exclude allowed ips" @@ -140,7 +146,6 @@ while [ ${blockauth} -eq 0 ] ; do sed -i "/${allowed_ip}/d" ${blocklist} done fi - # Block IPs using iptables for block_ip in $(cat ${blocklist}) ; do read_block_ip=$(iptables -n -L | grep "${block_ip}") 
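Review bot: The new `/home/linuxbrew/.linuxbrew/bin` entry in `path_check` points at a prefix that is normally owned by an unprivileged account, while the script calls `iptables` and edits `/var/log/auth.log`, so it presumably runs as root. The loop that consumes `path_check` continues outside this hunk, so it is not visible whether it only tests for presence or also influences which binary is executed. If it is only a presence check, a dependency found there may still not be on root's `PATH`; if it affects execution, root would be trusting executables from a user-writable directory. I would limit the list to root-owned system directories, or document the intent above the assignment with a comment along the lines of `# presence check only; verify the directory is root-owned before relying on it`.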
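Review bot: `iptables -F` in the new reset branch flushes every chain of the filter table rather than only the DROP rules blockauth added, so unrelated firewall rules on the host are lost each time the list fills. The reset also unblocks every previously blocked address at once, and the trigger (the number of distinct failing sources) can be influenced by the party being blocked. Keeping the tool's rules in a dedicated chain and flushing only that, e.g. `iptables -F BLOCKAUTH` (chain name constructed for illustration), would confine the reset; the `-A` rules later in the `while` loop, which starts and ends outside this hunk, would need to target the same chain. `max_ip_blocklist` is not defined in the visible lines, and if it can be empty or non-numeric the `-ge` test fails with an error and the reset is skipped, so it should be validated before the loop. `${blocklist}` is unquoted in `rm -rf`; `: > "${blocklist}"` truncates the file in place and makes the added `touch` unnecessary.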
@@ -151,7 +156,6 @@ while [ ${blockauth} -eq 0 ] ; do iptables -A OUTPUT -d ${block_ip} -j DROP fi done - # Reduce log reduce_log ${filelog} done