#!/bin/bash
#our_ip() {
# tmp="/tmp/$(basename $0).cache"
# if [[ ! -f "$tmp" || $(( $(date +"%s") - $(stat -c "%Y" $tmp) )) > 86400 ]]; then
# IP=$(dig myip.opendns.com @resolver1.opendns.com +short) ||
# IP=$(curl -s http://ifconfig.us) ||
# IP=$(wget -qO- http://icanhazip.com) ||
# IP=$(wget -qO- http://checkip.dyndns.org | sed 's/.*ss:\ //;s/<\/b.*//') ||
# IP=$(wget -qO- http://myip.dnsomatic.com) ||
# IP=$(wget -qO- http://ipecho.net/plain) ||
# IP=$(curl --silent 'https://www.google.com/search?q=what+is+my+ip' | sed 's/.*Client IP address: //;s/).*//;q')
# echo $IP >"$tmp"
# fi
# echo $(cat "$tmp")
#}
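#######################################
# Validate that $1 is a strict dotted-quad IPv4 address before it is handed
# to iptables. iptables -s also accepts hostnames and networks, so anything
# that is not a plain address must be stopped here rather than resolved or
# rejected later.
# Arguments: $1 - candidate address as typed by the operator
# Outputs:   "invalid: <segment>" or "invalid: length" on stdout when rejected
# Returns:   0 when the address is valid; otherwise terminates the script
#            with exit status 1 so a wrapper can tell that no rule was added
#######################################
check() {
  local rest=$1
  local seg
  local -a octets=()

  # Split on '.' by hand instead of `set -- $1` with IFS=. : the unquoted
  # expansion also performed pathname expansion (a '*' segment became file
  # names) and silently dropped a trailing dot. This form keeps every field,
  # including empty ones, and never touches the global IFS.
  while [[ $rest == *.* ]]; do
    octets+=("${rest%%.*}")
    rest=${rest#*.}
  done
  octets+=("$rest")

  if (( ${#octets[@]} != 4 )); then
    echo "invalid: length"
    exit 1
  fi

  for seg in "${octets[@]}"; do
    case $seg in
      # Empty segment ("1..2.3"), any non-digit, or a leading zero. Leading
      # zeros are refused because address parsers disagree on whether they
      # mean octal, so the rule could cover a different host than intended.
      '' | *[!0-9]* | 0?*)
        echo "invalid: $seg"
        exit 1
        ;;
    esac
    # Length is tested first so an over-long digit string is never fed to
    # shell arithmetic, where it would wrap around; 10# forces base 10.
    if (( ${#seg} > 3 )) || (( 10#$seg > 255 )); then
      echo "invalid: $seg"
      exit 1
    fi
  done

  # Disabled self-ban guard, kept as the author left it. While it stays
  # disabled nothing here prevents banning 127.0.0.1 or this host's own
  # address.
  #[[ $addr = @($(our_ip)|127.0.0.1) ]] && {
  # echo "invalid: dont ban yourself!"
  # exit
  #}
  return 0
}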
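# Prompt for one IPv4 address, validate it with check(), and append a DROP
# rule for that source to the INPUT chain. Must run with enough privilege to
# modify the packet filter.
# -r keeps backslashes in the typed value literal.
read -r -p "Enter the IP to BAN and press [ENTER]: " addr
check "$addr"
echo -n "Adding $addr to iptables ... "
# NOTE(review): -A appends at the end of INPUT, so an earlier ACCEPT rule that
# matches this source still wins; confirm the rule's position with
# `iptables -L INPUT -n --line-numbers`. The rule is not persistent across a
# reboot or firewall reload, running the script twice adds a duplicate, and
# only IPv4 is covered.
# The address is quoted so it always reaches iptables as a single argument,
# and the command is tested directly so a failure is reported in the exit
# status instead of being lost behind the echo.
if iptables -A INPUT -s "$addr" -j DROP; then
  echo 'done'
else
  echo 'failed'
  exit 1
fi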