2024-09-24 19:43:13 -06:00
|
|
|
### Prerequisites
|
|
|
|
|
1. NFT
|
|
|
|
|
2. Redis
|
|
|
|
|
|
2024-09-24 19:45:16 -06:00
|
|
|
### Install
|
2024-09-24 19:44:13 -06:00
|
|
|
* ```cd /opt```
|
|
|
|
|
* ```git clone https://git.poster.place/verita84/firewall```
|
2024-09-24 19:47:09 -06:00
|
|
|
* ```cp firewall.service /etc/systemd/system```
|
|
|
|
|
* ```systemctl enable --now firewall```
|
2024-09-24 19:43:13 -06:00
|
|
|
|
|
|
|
|
### Configure Redis Schema
|
|
|
|
|
```bash firewall.sh import-db```
|
|
|
|
|
|
|
|
|
|
### Configure firewall.sh
|
2024-09-24 19:44:54 -06:00
|
|
|
* Edit the ```portConfig``` variables to allow ports
|
2024-09-24 19:44:13 -06:00
|
|
|
* Modify ```NGINX_ACCESS``` to point to your NGINX config file
|
2024-09-24 19:43:13 -06:00
|
|
|
|
|
|
|
|
### Add Detection by the Minute via Cron
|
|
|
|
|
```
|
|
|
|
|
*/1 * * * * bash /opt/firewall/firewall.sh attacker-protection
|
|
|
|
|
*/5 * * * * bash /opt/firewall/firewall.sh forgive
|
|
|
|
|
```
|
2024-09-24 19:47:47 -06:00
|
|
|
### Accessing the Menu
|
|
|
|
|
```bash firewall.sh```
|
2024-09-24 19:50:18 -06:00
|
|
|
|
|
|
|
|
### Custom Modules
|
2024-09-24 19:50:43 -06:00
|
|
|
* There are a few custom function modules to protect against certain DDOS attacks and they are named ```module-foo()```.
|
2024-09-24 19:50:18 -06:00
|
|
|
* Modules can be loaded by adding them to the ```attacker-protection()``` or ```watch()``` function as needed
|
|
|
|
|
|
