#!/usr/bin/perl # Author: Jeff Fulmer aka JoeDog # Email: jeff at joedog dot org # Site: http://www.joedog.org/ # Date: Wed Apr 8 22:16:00 EDT 2015 # Requires: JoeDog::Config # http://download.joedog.org/mods/JoeDog-Config.tar.gz # # A convenience script to help you block IP addresses. # You can gather all the assholes in your web logs # and put them in a file and feed it to this script or # you can block them one at a time with a IP address # on the command line: # # $ block /path/to/ipddresses.txt # $ block 117.21.192.144 # use JoeDog::Config; use strict; my @list; my $in = $ARGV[0] or usage(); if(-e $in && -f $in){ # check to see if input is a file. If it is, # then read it and check its contents. If they # are IP addresses, then assign them to @list my $cnf = new JoeDog::Config($in); my @arr = $cnf->get_column(); foreach my $I (@arr){ if(ipcheck($I)){ print "Adding $I\n"; push(@list, $I); } else { print "Invalid IP: $I\n"; } } } else { # check to see if it's a properly formatted IP # address. if it is, assign it to $list[0] if(ipcheck($in)){ $list[0] = $in; } else { print "Invalid IP: $in\n"; exit(1); } } my $cmd; foreach my $addr (@list){ $cmd = "/sbin/iptables -I INPUT --protocol tcp --syn -s $addr -j DROP"; open(CMD, "$cmd |") or die "unable to add rule: $cmd"; while(){ print $_; } close(CMD); } $cmd = "/sbin/iptables-save > /etc/sysconfig/iptables"; open(CMD, "$cmd |") or die "unable to update the configuration"; while(){ print $_; } close(CMD); exit; sub ipcheck { my $ip = shift; return $ip =~ (m/^(?:(\d+)(??{$+>=0&&$+<256?q{\.|$}:q{X}})){4}/)?1:0; } sub usage { print <