Commit 48820d7e authored by Alynna Trypnotk's avatar Alynna Trypnotk

Update botblocker

parent eb773e31
Pipeline #18 canceled with stages
...@@ -9,6 +9,16 @@ ip6tables -t filter -F BOTBLOCKER >/dev/null 2>&1 || true ...@@ -9,6 +9,16 @@ ip6tables -t filter -F BOTBLOCKER >/dev/null 2>&1 || true
ip6tables -t filter -X BOTBLOCKER >/dev/null 2>&1 || true ip6tables -t filter -X BOTBLOCKER >/dev/null 2>&1 || true
ip6tables -t filter -N BOTBLOCKER >/dev/null 2>&1 || true ip6tables -t filter -N BOTBLOCKER >/dev/null 2>&1 || true
ip6tables -t filter -A INPUT ! -s 2603:300b:768:b000::/64 -j BOTBLOCKER ip6tables -t filter -A INPUT ! -s 2603:300b:768:b000::/64 -j BOTBLOCKER
iptables -t filter -D INPUT ! -s 10.0.0.0/8 -j RTBL >/dev/null 2>&1 || true
iptables -t filter -F RTBL >/dev/null 2>&1 || true
iptables -t filter -X RTBL >/dev/null 2>&1 || true
iptables -t filter -N RTBL >/dev/null 2>&1 || true
iptables -t filter -A INPUT ! -s 10.0.0.0/8 -j RTBL
ip6tables -t filter -D INPUT ! -s 2603:300b:768:b000::/64 -j RTBL >/dev/null 2>&1 || true
ip6tables -t filter -F RTBL >/dev/null 2>&1 || true
ip6tables -t filter -X RTBL >/dev/null 2>&1 || true
ip6tables -t filter -N RTBL >/dev/null 2>&1 || true
ip6tables -t filter -A INPUT ! -s 2603:300b:768:b000::/64 -j RTBL
tail -n 10000 /var/log/nginx/access.log | egrep -iv "google|yahoo|bing" | grep -i "bot" | cut -d' ' -f1 | uniq > /var/cache/bots tail -n 10000 /var/log/nginx/access.log | egrep -iv "google|yahoo|bing" | grep -i "bot" | cut -d' ' -f1 | uniq > /var/cache/bots
for j in $(cat /var/cache/bots); do for j in $(cat /var/cache/bots); do
if [[ $j == *.*.*.* ]]; then if [[ $j == *.*.*.* ]]; then
...@@ -16,4 +26,11 @@ for j in $(cat /var/cache/bots); do ...@@ -16,4 +26,11 @@ for j in $(cat /var/cache/bots); do
elif [[ $j == *:* ]]; then elif [[ $j == *:* ]]; then
ip6tables -I BOTBLOCKER -t filter -s $j/64 -j DROP ip6tables -I BOTBLOCKER -t filter -s $j/64 -j DROP
fi fi
done
for j in $(cat /etc/rtbl); do
if [[ $j == *.*.*.* ]]; then
iptables -I RTBL -t filter -s $j -j DROP
elif [[ $j == *:* ]]; then
ip6tables -I RTBL -t filter -s $j -j DROP
fi
done done
\ No newline at end of file
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment