This commit is contained in:
Your Name 2024-09-25 19:49:34 -06:00
parent dbee5eee51
commit 5b25040de2
11 changed files with 23 additions and 33 deletions

View File

@ -113,7 +113,7 @@ wireguard-networking() {
attacker-protection() { attacker-protection() {
watch watch
bash $MODULES/module-nostr.sh "$i" "$DATE" bash $MODULES/module-nostr.sh "$i" "$DATE" "$ACCESS"
bot-search bot-search
} }
@ -287,14 +287,14 @@ watch() {
IP=($(grep $DATE $ACCESS | grep -Fivf <(printf '%s\n' "${SAFE_TRAFFIC[@]}") | grep -Fivf <(printf '%s\n' "${CRAWLER_DB[@]}") | grep -Fivf <(printf '%s\n' "${SAVED_BOTS[@]}") | grep -vi $MY_IP | grep -vi '127.0.0.1' | cut -d ' ' -f1 | sort -u)) IP=($(grep $DATE $ACCESS | grep -Fivf <(printf '%s\n' "${SAFE_TRAFFIC[@]}") | grep -Fivf <(printf '%s\n' "${CRAWLER_DB[@]}") | grep -Fivf <(printf '%s\n' "${SAVED_BOTS[@]}") | grep -vi $MY_IP | grep -vi '127.0.0.1' | cut -d ' ' -f1 | sort -u))
for i in "${IP[@]}"; do for i in "${IP[@]}"; do
bash $MODULES/module-akkoma-instance.sh "$i" "$DATE" bash $MODULES/module-akkoma-instance.sh "$i" "$DATE" "$ACCESS"
bash $MODULES/module-akkoma-timeline-public.sh "$i" "$DATE" bash $MODULES/module-akkoma-timeline-public.sh "$i" "$DATE" "$ACCESS"
bash $MODULES/module-akkoma-timeline-home.sh "$i" "$DATE" bash $MODULES/module-akkoma-timeline-home.sh "$i" "$DATE" "$ACCESS"
bash $MODULES/module-akkoma-accounts.sh "$i" "$DATE" bash $MODULES/module-akkoma-accounts.sh "$i" "$DATE" "$ACCESS"
bash $MODULES/module-akkoma-search.sh "$i" "$DATE" bash $MODULES/module-akkoma-search.sh "$i" "$DATE" "$ACCESS"
bash $MODULES/module-lightning.sh "$i" "$DATE" bash $MODULES/module-lightning.sh "$i" "$DATE" "$ACCESS"
bash $MODULES/module-php.sh "$i" "$DATE" bash $MODULES/module-php.sh "$i" "$DATE" "$ACCESS"
bash $MODULES/module-go.sh "$i" "$DATE" bash $MODULES/module-go.sh "$i" "$DATE" "$ACCESS"
COUNT=$(grep $DATE $ACCESS | grep $i | grep -Fivf <(printf '%s\n' "${SAFE_TRAFFIC[@]}") | grep -Fivf <(printf '%s\n' "${SAVED_BOTS[@]}") | wc -l) COUNT=$(grep $DATE $ACCESS | grep $i | grep -Fivf <(printf '%s\n' "${SAFE_TRAFFIC[@]}") | grep -Fivf <(printf '%s\n' "${SAVED_BOTS[@]}") | wc -l)
CHECK=$(cat $NFT_CACHE | sort -u | grep $i) CHECK=$(cat $NFT_CACHE | sort -u | grep $i)

View File

@ -1,9 +1,8 @@
#!/bin/bash #!/bin/bash
FIREWALL="/opt/firewall/firewall.sh" FIREWALL="/opt/firewall/firewall.sh"
NFT_CACHE='/tmp/nft.cache' NFT_CACHE='/tmp/nft.cache'
ACCESS="/tmp/minute.log"
ATTACK="module-akkoma-accounts" ATTACK="module-akkoma-accounts"
COUNT_SPAM=$(grep $2 $ACCESS | grep "api/v1/accounts" | grep $1 | wc -l) COUNT_SPAM=$(grep $2 $3 | grep "api/v1/accounts" | grep $1 | wc -l)
SEARCH_SPAM=$(($COUNT_SPAM)) SEARCH_SPAM=$(($COUNT_SPAM))
CHECK=$(cat $NFT_CACHE | sort -u | grep $1) CHECK=$(cat $NFT_CACHE | sort -u | grep $1)
if [[ $SEARCH_SPAM -gt 100 ]]; then if [[ $SEARCH_SPAM -gt 100 ]]; then
@ -12,7 +11,7 @@ if [[ $SEARCH_SPAM -gt 100 ]]; then
bash $FIREWALL ipBlockParser "$1" bash $FIREWALL ipBlockParser "$1"
bash $FIREWALL message "$ATTACK-$1" bash $FIREWALL message "$ATTACK-$1"
redis-cli SADD tmp_block $1 redis-cli SADD tmp_block $1
cp -f $ACCESS /tmp/debug-$ATTACK-$1.txt cp -f $3 /tmp/debug-$ATTACK-$1.txt
echo "$ATTACK $1" echo "$ATTACK $1"
else else
echo "$ATTACK Ignoring Duplicate IP: $1" echo "$ATTACK Ignoring Duplicate IP: $1"

View File

@ -1,9 +1,8 @@
#!/bin/bash #!/bin/bash
FIREWALL="/opt/firewall/firewall.sh" FIREWALL="/opt/firewall/firewall.sh"
NFT_CACHE='/tmp/nft.cache' NFT_CACHE='/tmp/nft.cache'
ACCESS="/tmp/minute.log"
ATTACK="module-akkoma-instance" ATTACK="module-akkoma-instance"
COUNT_SPAM=$(grep $2 $ACCESS | grep -E "api/v1/instance" | grep $1 | wc -l) COUNT_SPAM=$(grep $2 $3 | grep -E "api/v1/instance" | grep $1 | wc -l)
SEARCH_SPAM=$(($COUNT_SPAM)) SEARCH_SPAM=$(($COUNT_SPAM))
CHECK=$(cat $NFT_CACHE | sort -u | grep $1) CHECK=$(cat $NFT_CACHE | sort -u | grep $1)
if [[ $SEARCH_SPAM -gt 30 ]]; then if [[ $SEARCH_SPAM -gt 30 ]]; then

View File

@ -1,9 +1,8 @@
#!/bin/bash #!/bin/bash
FIREWALL="/opt/firewall/firewall.sh" FIREWALL="/opt/firewall/firewall.sh"
NFT_CACHE='/tmp/nft.cache' NFT_CACHE='/tmp/nft.cache'
ACCESS="/tmp/minute.log"
ATTACK="module-akkoma-search" ATTACK="module-akkoma-search"
COUNT_SPAM=$(grep $2 $ACCESS | grep "api/v2/search" | grep $1 | wc -l) COUNT_SPAM=$(grep $2 $3 | grep "api/v2/search" | grep $1 | wc -l)
SEARCH_SPAM=$(($COUNT_SPAM)) SEARCH_SPAM=$(($COUNT_SPAM))
CHECK=$(cat $NFT_CACHE | sort -u | grep $1) CHECK=$(cat $NFT_CACHE | sort -u | grep $1)
if [[ $SEARCH_SPAM -gt 10 ]]; then if [[ $SEARCH_SPAM -gt 10 ]]; then

View File

@ -1,9 +1,8 @@
#!/bin/bash #!/bin/bash
FIREWALL="/opt/firewall/firewall.sh" FIREWALL="/opt/firewall/firewall.sh"
NFT_CACHE='/tmp/nft.cache' NFT_CACHE='/tmp/nft.cache'
ACCESS="/tmp/minute.log"
ATTACK="module-akkoma-timeline-home" ATTACK="module-akkoma-timeline-home"
COUNT_SPAM=$(grep $2 $ACCESS | grep -E "timelines/home" | grep $1 | wc -l) COUNT_SPAM=$(grep $2 $3 | grep -E "timelines/home" | grep $1 | wc -l)
SEARCH_SPAM=$(($COUNT_SPAM)) SEARCH_SPAM=$(($COUNT_SPAM))
CHECK=$(cat $NFT_CACHE | sort -u | grep $1) CHECK=$(cat $NFT_CACHE | sort -u | grep $1)
if [[ $SEARCH_SPAM -gt 30 ]]; then if [[ $SEARCH_SPAM -gt 30 ]]; then

View File

@ -1,9 +1,8 @@
#!/bin/bash #!/bin/bash
FIREWALL="/opt/firewall/firewall.sh" FIREWALL="/opt/firewall/firewall.sh"
NFT_CACHE='/tmp/nft.cache' NFT_CACHE='/tmp/nft.cache'
ACCESS="/tmp/minute.log"
ATTACK="module-akkoma-timeline-public" ATTACK="module-akkoma-timeline-public"
COUNT_SPAM=$(grep $2 $ACCESS | grep "timelines/public" | grep $1 | wc -l) COUNT_SPAM=$(grep $2 $3 | grep "timelines/public" | grep $1 | wc -l)
SEARCH_SPAM=$(($COUNT_SPAM)) SEARCH_SPAM=$(($COUNT_SPAM))
CHECK=$(cat $NFT_CACHE | sort -u | grep $1) CHECK=$(cat $NFT_CACHE | sort -u | grep $1)
if [[ "$SEARCH_SPAM" -gt 30 ]]; then if [[ "$SEARCH_SPAM" -gt 30 ]]; then

View File

@ -1,8 +1,7 @@
#!/bin/bash #!/bin/bash
FIREWALL="/opt/firewall/firewall.sh" FIREWALL="/opt/firewall/firewall.sh"
ACCESS="/tmp/minute.log"
ATTACK="module-get-spam" ATTACK="module-get-spam"
COUNT_SPAM=$(grep $2 $ACCESS | grep -E "GET / HTTP" | wc -l) COUNT_SPAM=$(grep $2 $3 | grep -E "GET / HTTP" | wc -l)
SEARCH_SPAM=$(($COUNT_SPAM)) SEARCH_SPAM=$(($COUNT_SPAM))
if [[ $SEARCH_SPAM -gt 20 ]]; then if [[ $SEARCH_SPAM -gt 20 ]]; then
bash $FIREWALL ipBlockParser "$1" bash $FIREWALL ipBlockParser "$1"

View File

@ -1,12 +1,11 @@
#!/bin/bash #!/bin/bash
FIREWALL="/opt/firewall/firewall.sh" FIREWALL="/opt/firewall/firewall.sh"
ACCESS="/tmp/minute.log"
ATTACK="module-go" ATTACK="module-go"
COUNT_SPAM=$(grep $2 $ACCESS | grep "Go-http-client" | grep $1 | wc -l) COUNT_SPAM=$(grep $2 $3 | grep "Go-http-client" | grep $1 | wc -l)
SEARCH_SPAM=$(($COUNT_SPAM)) SEARCH_SPAM=$(($COUNT_SPAM))
if [[ $SEARCH_SPAM -gt 10 ]]; then if [[ $SEARCH_SPAM -gt 10 ]]; then
bash $FIREWALL ipBlockParser "$1" bash $FIREWALL ipBlockParser "$1"
bash $FIREWALL message "$ATTACK-$1" bash $FIREWALL message "$ATTACK-$1"
redis-cli SADD tmp_block $1 redis-cli SADD tmp_block $1
cp $ACCESS /tmp/debug-$ATTACK-$1.txt cp -f $3 /tmp/debug-$ATTACK-$1.txt
fi fi

View File

@ -1,12 +1,11 @@
#!/bin/bash #!/bin/bash
FIREWALL="/opt/firewall/firewall.sh" FIREWALL="/opt/firewall/firewall.sh"
ACCESS="/tmp/minute.log"
ATTACK="module-lightning" ATTACK="module-lightning"
GET_COUNT=$(grep $2 $ACCESS | grep "lnurlp/verita84" | grep $1 | wc -l) GET_COUNT=$(grep $2 $3 | grep "lnurlp/verita84" | grep $1 | wc -l)
LN_SPAM=$(($GET_COUNT)) LN_SPAM=$(($GET_COUNT))
if [[ $LN_SPAM -gt 5 ]]; then if [[ $LN_SPAM -gt 5 ]]; then
bash $FIREWALL ipBlockParser "$1" bash $FIREWALL ipBlockParser "$1"
bash $FIREWALL message "$ATTACK-$1" bash $FIREWALL message "$ATTACK-$1"
redis-cli SADD tmp_block $1 redis-cli SADD tmp_block $1
cp -f $ACCESS /tmp/$ATTACK-$1 cp -f $3 /tmp/$ATTACK-$1
fi fi

View File

@ -1,8 +1,7 @@
#!/bin/bash #!/bin/bash
POLICY='/opt/strfry-policies/strfry-policy.ts' POLICY='/opt/strfry-policies/strfry-policy.ts'
FIREWALL="/opt/firewall/firewall.sh" FIREWALL="/opt/firewall/firewall.sh"
ACCESS="/tmp/minute.log" IP=($(grep $2 $3 | grep "/block=" | cut -d '=' -f2 | cut -d ' ' -f1 | sed 's/"//'))
IP=($(grep $2 $ACCESS | grep "/block=" | cut -d '=' -f2 | cut -d ' ' -f1 | sed 's/"//'))
for i in "${IP[@]}"; do for i in "${IP[@]}"; do
if [[ "$i" == *"npub"* ]]; then if [[ "$i" == *"npub"* ]]; then
HEX=$(/opt/nak-v0.2.2-linux-amd64 decode $i | jq ".pubkey" | sed 's/"//i' | sed 's/"//i') HEX=$(/opt/nak-v0.2.2-linux-amd64 decode $i | jq ".pubkey" | sed 's/"//i' | sed 's/"//i')

View File

@ -1,11 +1,10 @@
#!/bin/bash #!/bin/bash
FIREWALL="/opt/firewall/firewall.sh" FIREWALL="/opt/firewall/firewall.sh"
ACCESS="/tmp/minute.log"
ATTACK="module-php" ATTACK="module-php"
PHP_SPAM=$(grep $2 $ACCESS | grep -E ".php|cgi-bin|wp-content|wp-admin|wp-includes" | wc -l) PHP_SPAM=$(grep $2 $3 | grep -E ".php|cgi-bin|wp-content|wp-admin|wp-includes" | wc -l)
if [[ "$PHP_SPAM" -gt 10 ]]; then if [[ "$PHP_SPAM" -gt 10 ]]; then
bash $FIREWALL ipBlockParser "$1" bash $FIREWALL ipBlockParser "$1"
bash $FIREWALL message "$ATTACK-$1" bash $FIREWALL message "$ATTACK-$1"
redis-cli SADD tmp_block $1 redis-cli SADD tmp_block $1
cp -f $ACCESS /tmp/debug-$ATTACK-$1.txt cp -f $3 /tmp/debug-$ATTACK-$1.txt
fi fi