cadaedbfb2
* major rewrite * add support for multiple chains * add mac whitelisting * add support for multiple ssh daemons in parallel * add an ipset report engine * add mail notifications * add suspend/resume functions * add a cron wrapper to set an ipset related auto-timer for automatic blocklist updates * add a list wrapper to add/remove blocklist sources * add 19.x and Turris OS 5.x compatibility code * sources stored in an external compressed json file (/etc/banip/banip.sources.gz) * change Country/ASN download sources (faster/more reliable) * fix DHCPv6/icmpv6 issues Signed-off-by: Dirk Brenken <dev@brenken.org>
36 lines
972 B
Desktop File
Executable file
36 lines
972 B
Desktop File
Executable file
#!/bin/sh
|
|
# log service to trace failed ssh/luci logins and conditionally refresh banIP
|
|
# written by Dirk Brenken (dev@brenken.org)
|
|
#
|
|
# This is free software, licensed under the GNU General Public License v3.
|
|
#
|
|
# (s)hellcheck exceptions
|
|
# shellcheck disable=1091,2030,2031,2034,2039,2086,2129,2140,2143,2154,2181,2183,2188
|
|
|
|
export LC_ALL=C
|
|
export PATH="/usr/sbin:/usr/bin:/sbin:/bin"
|
|
set -o pipefail
|
|
ban_ver="${1}"
|
|
ban_search="${2}"
|
|
ban_logger="$(command -v logger)"
|
|
ban_logread="$(command -v logread)"
|
|
|
|
f_log()
|
|
{
|
|
local class="${1}" log_msg="${2}"
|
|
|
|
if [ -x "${ban_logger}" ]
|
|
then
|
|
"${ban_logger}" -p "${class}" -t "banIP-${ban_ver%-*}[${$}]" "${log_msg}"
|
|
else
|
|
printf "%s %s %s\n" "${class}" "banIP-${ban_ver%-*}[${$}]" "${log_msg}"
|
|
fi
|
|
}
|
|
|
|
if [ -x "${ban_logread}" ]
|
|
then
|
|
f_log "info" "log/banIP service started"
|
|
"${ban_logread}" -f | { grep -q "${ban_search}"; [ "${?}" = "0" ] && /etc/init.d/banip refresh; }
|
|
else
|
|
f_log "err" "can't start log/banIP service"
|
|
fi
|