fiux
This commit is contained in:
Your Name
parent
dbee5eee51
commit
5b25040de2
18
firewall.sh
18
firewall.sh
@ -113,7 +113,7 @@ wireguard-networking() {
|
||||
|
||||
attacker-protection() {
|
||||
watch
|
||||
bash $MODULES/module-nostr.sh "$i" "$DATE"
|
||||
bash $MODULES/module-nostr.sh "$i" "$DATE" "$ACCESS"
|
||||
bot-search
|
||||
}
|
||||
|
||||
@ -287,14 +287,14 @@ watch() {
|
||||
IP=($(grep $DATE $ACCESS | grep -Fivf <(printf '%s\n' "${SAFE_TRAFFIC[@]}") | grep -Fivf <(printf '%s\n' "${CRAWLER_DB[@]}") | grep -Fivf <(printf '%s\n' "${SAVED_BOTS[@]}") | grep -vi $MY_IP | grep -vi '127.0.0.1' | cut -d ' ' -f1 | sort -u))
|
||||
|
||||
for i in "${IP[@]}"; do
|
||||
bash $MODULES/module-akkoma-instance.sh "$i" "$DATE"
|
||||
bash $MODULES/module-akkoma-timeline-public.sh "$i" "$DATE"
|
||||
bash $MODULES/module-akkoma-timeline-home.sh "$i" "$DATE"
|
||||
bash $MODULES/module-akkoma-accounts.sh "$i" "$DATE"
|
||||
bash $MODULES/module-akkoma-search.sh "$i" "$DATE"
|
||||
bash $MODULES/module-lightning.sh "$i" "$DATE"
|
||||
bash $MODULES/module-php.sh "$i" "$DATE"
|
||||
bash $MODULES/module-go.sh "$i" "$DATE"
|
||||
bash $MODULES/module-akkoma-instance.sh "$i" "$DATE" "$ACCESS"
|
||||
bash $MODULES/module-akkoma-timeline-public.sh "$i" "$DATE" "$ACCESS"
|
||||
bash $MODULES/module-akkoma-timeline-home.sh "$i" "$DATE" "$ACCESS"
|
||||
bash $MODULES/module-akkoma-accounts.sh "$i" "$DATE" "$ACCESS"
|
||||
bash $MODULES/module-akkoma-search.sh "$i" "$DATE" "$ACCESS"
|
||||
bash $MODULES/module-lightning.sh "$i" "$DATE" "$ACCESS"
|
||||
bash $MODULES/module-php.sh "$i" "$DATE" "$ACCESS"
|
||||
bash $MODULES/module-go.sh "$i" "$DATE" "$ACCESS"
|
||||
|
||||
COUNT=$(grep $DATE $ACCESS | grep $i | grep -Fivf <(printf '%s\n' "${SAFE_TRAFFIC[@]}") | grep -Fivf <(printf '%s\n' "${SAVED_BOTS[@]}") | wc -l)
|
||||
CHECK=$(cat $NFT_CACHE | sort -u | grep $i)
|
||||
|
||||
@ -1,9 +1,8 @@
|
||||
#!/bin/bash
|
||||
FIREWALL="/opt/firewall/firewall.sh"
|
||||
NFT_CACHE='/tmp/nft.cache'
|
||||
ACCESS="/tmp/minute.log"
|
||||
ATTACK="module-akkoma-accounts"
|
||||
COUNT_SPAM=$(grep $2 $ACCESS | grep "api/v1/accounts" | grep $1 | wc -l)
|
||||
COUNT_SPAM=$(grep $2 $3 | grep "api/v1/accounts" | grep $1 | wc -l)
|
||||
SEARCH_SPAM=$(($COUNT_SPAM))
|
||||
CHECK=$(cat $NFT_CACHE | sort -u | grep $1)
|
||||
if [[ $SEARCH_SPAM -gt 100 ]]; then
|
||||
@ -12,7 +11,7 @@ if [[ $SEARCH_SPAM -gt 100 ]]; then
|
||||
bash $FIREWALL ipBlockParser "$1"
|
||||
bash $FIREWALL message "$ATTACK-$1"
|
||||
redis-cli SADD tmp_block $1
|
||||
cp -f $ACCESS /tmp/debug-$ATTACK-$1.txt
|
||||
cp -f $3 /tmp/debug-$ATTACK-$1.txt
|
||||
echo "$ATTACK $1"
|
||||
else
|
||||
echo "$ATTACK Ignoring Duplicate IP: $1"
|
||||
|
||||
@ -1,9 +1,8 @@
|
||||
#!/bin/bash
|
||||
FIREWALL="/opt/firewall/firewall.sh"
|
||||
NFT_CACHE='/tmp/nft.cache'
|
||||
ACCESS="/tmp/minute.log"
|
||||
ATTACK="module-akkoma-instance"
|
||||
COUNT_SPAM=$(grep $2 $ACCESS | grep -E "api/v1/instance" | grep $1 | wc -l)
|
||||
COUNT_SPAM=$(grep $2 $3 | grep -E "api/v1/instance" | grep $1 | wc -l)
|
||||
SEARCH_SPAM=$(($COUNT_SPAM))
|
||||
CHECK=$(cat $NFT_CACHE | sort -u | grep $1)
|
||||
if [[ $SEARCH_SPAM -gt 30 ]]; then
|
||||
|
||||
@ -1,9 +1,8 @@
|
||||
#!/bin/bash
|
||||
FIREWALL="/opt/firewall/firewall.sh"
|
||||
NFT_CACHE='/tmp/nft.cache'
|
||||
ACCESS="/tmp/minute.log"
|
||||
ATTACK="module-akkoma-search"
|
||||
COUNT_SPAM=$(grep $2 $ACCESS | grep "api/v2/search" | grep $1 | wc -l)
|
||||
COUNT_SPAM=$(grep $2 $3 | grep "api/v2/search" | grep $1 | wc -l)
|
||||
SEARCH_SPAM=$(($COUNT_SPAM))
|
||||
CHECK=$(cat $NFT_CACHE | sort -u | grep $1)
|
||||
if [[ $SEARCH_SPAM -gt 10 ]]; then
|
||||
|
||||
@ -1,9 +1,8 @@
|
||||
#!/bin/bash
|
||||
FIREWALL="/opt/firewall/firewall.sh"
|
||||
NFT_CACHE='/tmp/nft.cache'
|
||||
ACCESS="/tmp/minute.log"
|
||||
ATTACK="module-akkoma-timeline-home"
|
||||
COUNT_SPAM=$(grep $2 $ACCESS | grep -E "timelines/home" | grep $1 | wc -l)
|
||||
COUNT_SPAM=$(grep $2 $3 | grep -E "timelines/home" | grep $1 | wc -l)
|
||||
SEARCH_SPAM=$(($COUNT_SPAM))
|
||||
CHECK=$(cat $NFT_CACHE | sort -u | grep $1)
|
||||
if [[ $SEARCH_SPAM -gt 30 ]]; then
|
||||
|
||||
@ -1,9 +1,8 @@
|
||||
#!/bin/bash
|
||||
FIREWALL="/opt/firewall/firewall.sh"
|
||||
NFT_CACHE='/tmp/nft.cache'
|
||||
ACCESS="/tmp/minute.log"
|
||||
ATTACK="module-akkoma-timeline-public"
|
||||
COUNT_SPAM=$(grep $2 $ACCESS | grep "timelines/public" | grep $1 | wc -l)
|
||||
COUNT_SPAM=$(grep $2 $3 | grep "timelines/public" | grep $1 | wc -l)
|
||||
SEARCH_SPAM=$(($COUNT_SPAM))
|
||||
CHECK=$(cat $NFT_CACHE | sort -u | grep $1)
|
||||
if [[ "$SEARCH_SPAM" -gt 30 ]]; then
|
||||
|
||||
@ -1,8 +1,7 @@
|
||||
#!/bin/bash
|
||||
FIREWALL="/opt/firewall/firewall.sh"
|
||||
ACCESS="/tmp/minute.log"
|
||||
ATTACK="module-get-spam"
|
||||
COUNT_SPAM=$(grep $2 $ACCESS | grep -E "GET / HTTP" | wc -l)
|
||||
COUNT_SPAM=$(grep $2 $3 | grep -E "GET / HTTP" | wc -l)
|
||||
SEARCH_SPAM=$(($COUNT_SPAM))
|
||||
if [[ $SEARCH_SPAM -gt 20 ]]; then
|
||||
bash $FIREWALL ipBlockParser "$1"
|
||||
|
||||
@ -1,12 +1,11 @@
|
||||
#!/bin/bash
|
||||
FIREWALL="/opt/firewall/firewall.sh"
|
||||
ACCESS="/tmp/minute.log"
|
||||
ATTACK="module-go"
|
||||
COUNT_SPAM=$(grep $2 $ACCESS | grep "Go-http-client" | grep $1 | wc -l)
|
||||
COUNT_SPAM=$(grep $2 $3 | grep "Go-http-client" | grep $1 | wc -l)
|
||||
SEARCH_SPAM=$(($COUNT_SPAM))
|
||||
if [[ $SEARCH_SPAM -gt 10 ]]; then
|
||||
bash $FIREWALL ipBlockParser "$1"
|
||||
bash $FIREWALL message "$ATTACK-$1"
|
||||
redis-cli SADD tmp_block $1
|
||||
cp $ACCESS /tmp/debug-$ATTACK-$1.txt
|
||||
cp -f $3 /tmp/debug-$ATTACK-$1.txt
|
||||
fi
|
||||
|
||||
@ -1,12 +1,11 @@
|
||||
#!/bin/bash
|
||||
FIREWALL="/opt/firewall/firewall.sh"
|
||||
ACCESS="/tmp/minute.log"
|
||||
ATTACK="module-lightning"
|
||||
GET_COUNT=$(grep $2 $ACCESS | grep "lnurlp/verita84" | grep $1 | wc -l)
|
||||
GET_COUNT=$(grep $2 $3 | grep "lnurlp/verita84" | grep $1 | wc -l)
|
||||
LN_SPAM=$(($GET_COUNT))
|
||||
if [[ $LN_SPAM -gt 5 ]]; then
|
||||
bash $FIREWALL ipBlockParser "$1"
|
||||
bash $FIREWALL message "$ATTACK-$1"
|
||||
redis-cli SADD tmp_block $1
|
||||
cp -f $ACCESS /tmp/$ATTACK-$1
|
||||
cp -f $3 /tmp/$ATTACK-$1
|
||||
fi
|
||||
|
||||
@ -1,8 +1,7 @@
|
||||
#!/bin/bash
|
||||
POLICY='/opt/strfry-policies/strfry-policy.ts'
|
||||
FIREWALL="/opt/firewall/firewall.sh"
|
||||
ACCESS="/tmp/minute.log"
|
||||
IP=($(grep $2 $ACCESS | grep "/block=" | cut -d '=' -f2 | cut -d ' ' -f1 | sed 's/"//'))
|
||||
IP=($(grep $2 $3 | grep "/block=" | cut -d '=' -f2 | cut -d ' ' -f1 | sed 's/"//'))
|
||||
for i in "${IP[@]}"; do
|
||||
if [[ "$i" == *"npub"* ]]; then
|
||||
HEX=$(/opt/nak-v0.2.2-linux-amd64 decode $i | jq ".pubkey" | sed 's/"//i' | sed 's/"//i')
|
||||
|
||||
@ -1,11 +1,10 @@
|
||||
#!/bin/bash
|
||||
FIREWALL="/opt/firewall/firewall.sh"
|
||||
ACCESS="/tmp/minute.log"
|
||||
ATTACK="module-php"
|
||||
PHP_SPAM=$(grep $2 $ACCESS | grep -E ".php|cgi-bin|wp-content|wp-admin|wp-includes" | wc -l)
|
||||
PHP_SPAM=$(grep $2 $3 | grep -E ".php|cgi-bin|wp-content|wp-admin|wp-includes" | wc -l)
|
||||
if [[ "$PHP_SPAM" -gt 10 ]]; then
|
||||
bash $FIREWALL ipBlockParser "$1"
|
||||
bash $FIREWALL message "$ATTACK-$1"
|
||||
redis-cli SADD tmp_block $1
|
||||
cp -f $ACCESS /tmp/debug-$ATTACK-$1.txt
|
||||
cp -f $3 /tmp/debug-$ATTACK-$1.txt
|
||||
fi
|
||||
|
||||
Loading…
Reference in New Issue
Block a user