diff --git a/firewall.sh b/firewall.sh index 8bd4ceb..63519f6 100755 --- a/firewall.sh +++ b/firewall.sh @@ -113,7 +113,7 @@ wireguard-networking() { attacker-protection() { watch - bash $MODULES/module-nostr.sh "$i" "$DATE" + bash $MODULES/module-nostr.sh "$i" "$DATE" "$ACCESS" bot-search } @@ -287,14 +287,14 @@ watch() { IP=($(grep $DATE $ACCESS | grep -Fivf <(printf '%s\n' "${SAFE_TRAFFIC[@]}") | grep -Fivf <(printf '%s\n' "${CRAWLER_DB[@]}") | grep -Fivf <(printf '%s\n' "${SAVED_BOTS[@]}") | grep -vi $MY_IP | grep -vi '127.0.0.1' | cut -d ' ' -f1 | sort -u)) for i in "${IP[@]}"; do - bash $MODULES/module-akkoma-instance.sh "$i" "$DATE" - bash $MODULES/module-akkoma-timeline-public.sh "$i" "$DATE" - bash $MODULES/module-akkoma-timeline-home.sh "$i" "$DATE" - bash $MODULES/module-akkoma-accounts.sh "$i" "$DATE" - bash $MODULES/module-akkoma-search.sh "$i" "$DATE" - bash $MODULES/module-lightning.sh "$i" "$DATE" - bash $MODULES/module-php.sh "$i" "$DATE" - bash $MODULES/module-go.sh "$i" "$DATE" + bash $MODULES/module-akkoma-instance.sh "$i" "$DATE" "$ACCESS" + bash $MODULES/module-akkoma-timeline-public.sh "$i" "$DATE" "$ACCESS" + bash $MODULES/module-akkoma-timeline-home.sh "$i" "$DATE" "$ACCESS" + bash $MODULES/module-akkoma-accounts.sh "$i" "$DATE" "$ACCESS" + bash $MODULES/module-akkoma-search.sh "$i" "$DATE" "$ACCESS" + bash $MODULES/module-lightning.sh "$i" "$DATE" "$ACCESS" + bash $MODULES/module-php.sh "$i" "$DATE" "$ACCESS" + bash $MODULES/module-go.sh "$i" "$DATE" "$ACCESS" COUNT=$(grep $DATE $ACCESS | grep $i | grep -Fivf <(printf '%s\n' "${SAFE_TRAFFIC[@]}") | grep -Fivf <(printf '%s\n' "${SAVED_BOTS[@]}") | wc -l) CHECK=$(cat $NFT_CACHE | sort -u | grep $i) diff --git a/modules/module-akkoma-accounts.sh b/modules/module-akkoma-accounts.sh index add4c7a..b9b9572 100644 --- a/modules/module-akkoma-accounts.sh +++ b/modules/module-akkoma-accounts.sh @@ -1,9 +1,8 @@ #!/bin/bash FIREWALL="/opt/firewall/firewall.sh" NFT_CACHE='/tmp/nft.cache' -ACCESS="/tmp/minute.log" ATTACK="module-akkoma-accounts" -COUNT_SPAM=$(grep $2 $ACCESS | grep "api/v1/accounts" | grep $1 | wc -l) +COUNT_SPAM=$(grep $2 $3 | grep "api/v1/accounts" | grep $1 | wc -l) SEARCH_SPAM=$(($COUNT_SPAM)) CHECK=$(cat $NFT_CACHE | sort -u | grep $1) if [[ $SEARCH_SPAM -gt 100 ]]; then @@ -12,7 +11,7 @@ if [[ $SEARCH_SPAM -gt 100 ]]; then bash $FIREWALL ipBlockParser "$1" bash $FIREWALL message "$ATTACK-$1" redis-cli SADD tmp_block $1 - cp -f $ACCESS /tmp/debug-$ATTACK-$1.txt + cp -f $3 /tmp/debug-$ATTACK-$1.txt echo "$ATTACK $1" else echo "$ATTACK Ignoring Duplicate IP: $1" diff --git a/modules/module-akkoma-instance.sh b/modules/module-akkoma-instance.sh index 373aec1..6196f7b 100644 --- a/modules/module-akkoma-instance.sh +++ b/modules/module-akkoma-instance.sh @@ -1,9 +1,8 @@ #!/bin/bash FIREWALL="/opt/firewall/firewall.sh" NFT_CACHE='/tmp/nft.cache' -ACCESS="/tmp/minute.log" ATTACK="module-akkoma-instance" -COUNT_SPAM=$(grep $2 $ACCESS | grep -E "api/v1/instance" | grep $1 | wc -l) +COUNT_SPAM=$(grep $2 $3 | grep -E "api/v1/instance" | grep $1 | wc -l) SEARCH_SPAM=$(($COUNT_SPAM)) CHECK=$(cat $NFT_CACHE | sort -u | grep $1) if [[ $SEARCH_SPAM -gt 30 ]]; then diff --git a/modules/module-akkoma-search.sh b/modules/module-akkoma-search.sh index 697b98b..8f2288f 100644 --- a/modules/module-akkoma-search.sh +++ b/modules/module-akkoma-search.sh @@ -1,9 +1,8 @@ #!/bin/bash FIREWALL="/opt/firewall/firewall.sh" NFT_CACHE='/tmp/nft.cache' -ACCESS="/tmp/minute.log" ATTACK="module-akkoma-search" -COUNT_SPAM=$(grep $2 $ACCESS | grep "api/v2/search" | grep $1 | wc -l) +COUNT_SPAM=$(grep $2 $3 | grep "api/v2/search" | grep $1 | wc -l) SEARCH_SPAM=$(($COUNT_SPAM)) CHECK=$(cat $NFT_CACHE | sort -u | grep $1) if [[ $SEARCH_SPAM -gt 10 ]]; then diff --git a/modules/module-akkoma-timeline-home.sh b/modules/module-akkoma-timeline-home.sh index 15959d5..49eedc8 100644 --- a/modules/module-akkoma-timeline-home.sh +++ b/modules/module-akkoma-timeline-home.sh @@ -1,9 +1,8 @@ #!/bin/bash FIREWALL="/opt/firewall/firewall.sh" NFT_CACHE='/tmp/nft.cache' -ACCESS="/tmp/minute.log" ATTACK="module-akkoma-timeline-home" -COUNT_SPAM=$(grep $2 $ACCESS | grep -E "timelines/home" | grep $1 | wc -l) +COUNT_SPAM=$(grep $2 $3 | grep -E "timelines/home" | grep $1 | wc -l) SEARCH_SPAM=$(($COUNT_SPAM)) CHECK=$(cat $NFT_CACHE | sort -u | grep $1) if [[ $SEARCH_SPAM -gt 30 ]]; then diff --git a/modules/module-akkoma-timeline-public.sh b/modules/module-akkoma-timeline-public.sh index 67dd29d..19fb19d 100644 --- a/modules/module-akkoma-timeline-public.sh +++ b/modules/module-akkoma-timeline-public.sh @@ -1,9 +1,8 @@ #!/bin/bash FIREWALL="/opt/firewall/firewall.sh" NFT_CACHE='/tmp/nft.cache' -ACCESS="/tmp/minute.log" ATTACK="module-akkoma-timeline-public" -COUNT_SPAM=$(grep $2 $ACCESS | grep "timelines/public" | grep $1 | wc -l) +COUNT_SPAM=$(grep $2 $3 | grep "timelines/public" | grep $1 | wc -l) SEARCH_SPAM=$(($COUNT_SPAM)) CHECK=$(cat $NFT_CACHE | sort -u | grep $1) if [[ "$SEARCH_SPAM" -gt 30 ]]; then diff --git a/modules/module-get-spam.sh b/modules/module-get-spam.sh index b0d931e..aa4eee7 100644 --- a/modules/module-get-spam.sh +++ b/modules/module-get-spam.sh @@ -1,8 +1,7 @@ #!/bin/bash FIREWALL="/opt/firewall/firewall.sh" -ACCESS="/tmp/minute.log" ATTACK="module-get-spam" -COUNT_SPAM=$(grep $2 $ACCESS | grep -E "GET / HTTP" | wc -l) +COUNT_SPAM=$(grep $2 $3 | grep -E "GET / HTTP" | wc -l) SEARCH_SPAM=$(($COUNT_SPAM)) if [[ $SEARCH_SPAM -gt 20 ]]; then bash $FIREWALL ipBlockParser "$1" diff --git a/modules/module-go.sh b/modules/module-go.sh index 203f928..c7074f7 100644 --- a/modules/module-go.sh +++ b/modules/module-go.sh @@ -1,12 +1,11 @@ #!/bin/bash FIREWALL="/opt/firewall/firewall.sh" -ACCESS="/tmp/minute.log" ATTACK="module-go" -COUNT_SPAM=$(grep $2 $ACCESS | grep "Go-http-client" | grep $1 | wc -l) +COUNT_SPAM=$(grep $2 $3 | grep "Go-http-client" | grep $1 | wc -l) SEARCH_SPAM=$(($COUNT_SPAM)) if [[ $SEARCH_SPAM -gt 10 ]]; then bash $FIREWALL ipBlockParser "$1" bash $FIREWALL message "$ATTACK-$1" redis-cli SADD tmp_block $1 - cp $ACCESS /tmp/debug-$ATTACK-$1.txt + cp -f $3 /tmp/debug-$ATTACK-$1.txt fi diff --git a/modules/module-lightning.sh b/modules/module-lightning.sh index ccb6280..27b7ddd 100644 --- a/modules/module-lightning.sh +++ b/modules/module-lightning.sh @@ -1,12 +1,11 @@ #!/bin/bash FIREWALL="/opt/firewall/firewall.sh" -ACCESS="/tmp/minute.log" ATTACK="module-lightning" -GET_COUNT=$(grep $2 $ACCESS | grep "lnurlp/verita84" | grep $1 | wc -l) +GET_COUNT=$(grep $2 $3 | grep "lnurlp/verita84" | grep $1 | wc -l) LN_SPAM=$(($GET_COUNT)) if [[ $LN_SPAM -gt 5 ]]; then bash $FIREWALL ipBlockParser "$1" bash $FIREWALL message "$ATTACK-$1" redis-cli SADD tmp_block $1 - cp -f $ACCESS /tmp/$ATTACK-$1 + cp -f $3 /tmp/$ATTACK-$1 fi diff --git a/modules/module-nostr.sh b/modules/module-nostr.sh index f14c9d7..5e58440 100644 --- a/modules/module-nostr.sh +++ b/modules/module-nostr.sh @@ -1,8 +1,7 @@ #!/bin/bash POLICY='/opt/strfry-policies/strfry-policy.ts' FIREWALL="/opt/firewall/firewall.sh" -ACCESS="/tmp/minute.log" -IP=($(grep $2 $ACCESS | grep "/block=" | cut -d '=' -f2 | cut -d ' ' -f1 | sed 's/"//')) +IP=($(grep $2 $3 | grep "/block=" | cut -d '=' -f2 | cut -d ' ' -f1 | sed 's/"//')) for i in "${IP[@]}"; do if [[ "$i" == *"npub"* ]]; then HEX=$(/opt/nak-v0.2.2-linux-amd64 decode $i | jq ".pubkey" | sed 's/"//i' | sed 's/"//i') diff --git a/modules/module-php.sh b/modules/module-php.sh index d13f5e6..75d61d2 100644 --- a/modules/module-php.sh +++ b/modules/module-php.sh @@ -1,11 +1,10 @@ #!/bin/bash FIREWALL="/opt/firewall/firewall.sh" -ACCESS="/tmp/minute.log" ATTACK="module-php" -PHP_SPAM=$(grep $2 $ACCESS | grep -E ".php|cgi-bin|wp-content|wp-admin|wp-includes" | wc -l) +PHP_SPAM=$(grep $2 $3 | grep -E ".php|cgi-bin|wp-content|wp-admin|wp-includes" | wc -l) if [[ "$PHP_SPAM" -gt 10 ]]; then bash $FIREWALL ipBlockParser "$1" bash $FIREWALL message "$ATTACK-$1" redis-cli SADD tmp_block $1 - cp -f $ACCESS /tmp/debug-$ATTACK-$1.txt + cp -f $3 /tmp/debug-$ATTACK-$1.txt fi