Commit 48820d7e authored by Alynna Trypnotk's avatar Alynna Trypnotk

Update botblocker

parent eb773e31
Pipeline #18 canceled with stages
......@@ -9,6 +9,16 @@ ip6tables -t filter -F BOTBLOCKER >/dev/null 2>&1 || true
ip6tables -t filter -X BOTBLOCKER >/dev/null 2>&1 || true
ip6tables -t filter -N BOTBLOCKER >/dev/null 2>&1 || true
ip6tables -t filter -A INPUT ! -s 2603:300b:768:b000::/64 -j BOTBLOCKER
iptables -t filter -D INPUT ! -s 10.0.0.0/8 -j RTBL >/dev/null 2>&1 || true
iptables -t filter -F RTBL >/dev/null 2>&1 || true
iptables -t filter -X RTBL >/dev/null 2>&1 || true
iptables -t filter -N RTBL >/dev/null 2>&1 || true
iptables -t filter -A INPUT ! -s 10.0.0.0/8 -j RTBL
ip6tables -t filter -D INPUT ! -s 2603:300b:768:b000::/64 -j RTBL >/dev/null 2>&1 || true
ip6tables -t filter -F RTBL >/dev/null 2>&1 || true
ip6tables -t filter -X RTBL >/dev/null 2>&1 || true
ip6tables -t filter -N RTBL >/dev/null 2>&1 || true
ip6tables -t filter -A INPUT ! -s 2603:300b:768:b000::/64 -j RTBL
tail -n 10000 /var/log/nginx/access.log | egrep -iv "google|yahoo|bing" | grep -i "bot" | cut -d' ' -f1 | uniq > /var/cache/bots
for j in $(cat /var/cache/bots); do
if [[ $j == *.*.*.* ]]; then
......@@ -17,3 +27,10 @@ for j in $(cat /var/cache/bots); do
ip6tables -I BOTBLOCKER -t filter -s $j/64 -j DROP
fi
done
for j in $(cat /etc/rtbl); do
if [[ $j == *.*.*.* ]]; then
iptables -I RTBL -t filter -s $j -j DROP
elif [[ $j == *:* ]]; then
ip6tables -I RTBL -t filter -s $j -j DROP
fi
done
\ No newline at end of file
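Review bot: The new `/etc/rtbl` loop at the end of the script turns every whitespace-separated token in the file into a DROP rule, with only the loose `*.*.*.*` / `*:*` globs as a check and `$j` unquoted in both `-I RTBL` calls. Because `for j in $(cat /etc/rtbl)` splits on any whitespace, an address that appears inside a comment line is blocked too, and an entry with a very short prefix would drop nearly all traffic from outside the exempted range. I would read the file line by line, skip blanks and comments, match each entry against an address pattern, quote it, and log what is skipped, as in the sketch below. The RTBL chain is also flushed before the list is read, so if `/etc/rtbl` is missing the run ends with an empty chain and no error; a readability check before the flush would make that visible.

```shell
# … unchanged: BOTBLOCKER/RTBL chain setup and the /var/cache/bots loop …
v4_re='^([0-9]{1,3}\.){3}[0-9]{1,3}(/[0-9]{1,2})?$'
v6_re='^[0-9A-Fa-f:]+(/[0-9]{1,3})?$'
# Prefix-length policy (for example a minimum length) is left to the operator.
while IFS= read -r j || [[ -n "$j" ]]; do
  [[ -z "$j" || "$j" == \#* ]] && continue
  if [[ "$j" =~ $v4_re ]]; then
    iptables -I RTBL -t filter -s "$j" -j DROP
  elif [[ "$j" == *:* && "$j" =~ $v6_re ]]; then
    ip6tables -I RTBL -t filter -s "$j" -j DROP
  else
    printf 'botblocker: skipping invalid rtbl entry: %s\n' "$j" >&2
  fi
done < /etc/rtbl
```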