KnowledgeBase/FreeBSD/SiteBan
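Set up a webserver on a local IP alias. Preferably something nobody else listens on. I use 127.0.0.44. I wrote a tiny, quick webserver to serve static pages. It's written in PHP, and can serve nearly a million pages per minute. It's available under [PartyVan].

ban:
<verbatim>
#!/bin/sh
#
# ban - redirect a client's inbound HTTP traffic to the local static page.
#
# Adds an ipfw "fwd" rule that sends TCP port 80 traffic from the given
# address, received on fxp0, to the webserver on 127.0.0.44. Rule numbers
# are taken from the range described by ${prefix}.
#
# Usage: ban <ip>
# Exit status: 64 usage or malformed address, 32 not root,
#              16 already banned, 8 rule-number range exhausted.

# IPFW binary
ipfw="/sbin/ipfw"

# Index prefix of autoban rules ('?' stands for one digit)
prefix="44???"

# ${prefix} is a glob, not a regex: handed to egrep as-is, the '?' characters
# become quantifiers and the match is no longer limited to the autoban range.
# Build an anchored regex that matches exactly the rule numbers in the range,
# followed by the space that separates the number from the rule body.
pattern="^$( echo "${prefix}" | sed 's/?/[0-9]/g' ) "

if [ -z "${1}" ]
then
	echo "Usage: ${0} <ip>" >&2
	exit 64
fi

if [ "$(id -u)" -ne 0 ]
then
	echo "Must be run as root." >&2
	exit 32
fi

luser="${1}"

# The address ends up inside a firewall rule, so accept only characters that
# can occur in an IPv4/IPv6 address or CIDR mask. This keeps whitespace,
# options and ipfw keywords (any, me, not, ...) out of the rule body.
case "${luser}" in
	*[!0-9A-Fa-f.:/]*)
		echo "Invalid address: ${luser}" >&2
		exit 64
		;;
esac

# Determine if the IP is already banned.
# Fixed-string match with both delimiters, so 1.2.3.4 does not also match
# 1.2.3.40 and the dots are not treated as regex wildcards.
banned=$( "${ipfw}" list | grep -- "${pattern}" | grep -F -- " from ${luser} to " | cut -d" " -f1 | sort )

if [ -n "${banned}" ]
then
	echo "Already banned, in rule(s): ${banned}" >&2
	exit 16
fi

# Obtain biggest index
last=$( "${ipfw}" list | grep -- "${pattern}" | cut -d" " -f1 | sort -n | tail -n 1 )

# Is it an index?
if [ -z "${last}" ]
then
	# Populate it with a sane value
	index="$( echo "${prefix}" | tr '?' '0' )"
else
	# Increment (no quotes inside $(( )): not every sh accepts them there)
	index="$(( ${last} + 1 ))"
fi

# Refuse to step outside the autoban range: a rule numbered beyond it would
# be invisible to ban, unban and banlist. ${prefix} is deliberately unquoted
# so that it acts as a glob pattern here.
case "${index}" in
	${prefix})
		;;
	*)
		echo "No free rule number left in ${prefix}." >&2
		exit 8
		;;
esac

# Pass the rule as separate, quoted words so the address stays one argument.
"${ipfw}" add "${index}" fwd 127.0.0.44 tcp from "${luser}" to any 80 in recv fxp0
</verbatim>

unban:
<verbatim>
#!/bin/sh
#
# unban - remove the autoban rule(s) for one address.
#
# Looks up rules in the ${prefix} range whose source is the given address
# and deletes them.
#
# Usage: unban <ip>
# Exit status: 64 usage or malformed address, 32 not root, 16 not banned.

# IPFW binary
ipfw="/sbin/ipfw"

# Index prefix of autoban rules ('?' stands for one digit)
prefix="44???"

# ${prefix} is a glob, not a regex; translate it so that only rule numbers
# inside the autoban range can ever be selected for deletion.
pattern="^$( echo "${prefix}" | sed 's/?/[0-9]/g' ) "

if [ -z "${1}" ]
then
	echo "Usage: ${0} <ip>" >&2
	exit 64
fi

if [ "$(id -u)" -ne 0 ]
then
	echo "Must be run as root." >&2
	exit 32
fi

luser="${1}"

# Same character whitelist as ban: address or CIDR characters only.
case "${luser}" in
	*[!0-9A-Fa-f.:/]*)
		echo "Invalid address: ${luser}" >&2
		exit 64
		;;
esac

# Determine if the IP is already banned.
# Fixed-string match with both delimiters: unbanning 1.2.3.4 must not also
# select (and delete) the rules for 1.2.3.40 or 1.2.3.45.
banned=$( "${ipfw}" list | grep -- "${pattern}" | grep -F -- " from ${luser} to " | cut -d" " -f1 | sort )

if [ -z "${banned}" ]
then
	echo "Not banned. Check rulesets manually." >&2
	exit 16
fi

# Unban
echo "Unbanning: ${banned}"
# ${banned} is left unquoted on purpose: it is a newline-separated list of
# rule numbers (digits only, guaranteed by ${pattern}) and each one must
# reach ipfw as its own argument.
"${ipfw}" delete ${banned}
</verbatim>

banlist:
<verbatim>
#!/bin/sh
#
# banlist - print "<rule number> -> <address>" for every autoban rule.
#
# Usage: banlist
# Exit status: 32 not root.

# IPFW binary
ipfw="/sbin/ipfw"

# Index prefix of autoban rules ('?' stands for one digit)
prefix="44???"

# ${prefix} is a glob, not a regex; translate it so that only rules inside
# the autoban range are listed.
pattern="^$( echo "${prefix}" | sed 's/?/[0-9]/g' ) "

if [ "$(id -u)" -ne 0 ]
then
	echo "Must be run as root." >&2
	exit 32
fi

# Get list of banned IPs.
# Field 1 is the rule number, field 6 the source address of the fwd rule
# ("<num> fwd 127.0.0.44 tcp from <ip> ...").
"${ipfw}" list | grep -- "${pattern}" | cut -d" " -f1,6 | sort | while read -r number ip
do
	echo "${number} -> ${ip}"
done
</verbatim>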