diff --git a/firewall.sh b/firewall.sh index 331a9de..67d7e1a 100755 --- a/firewall.sh +++ b/firewall.sh @@ -7,6 +7,7 @@ ACCESS="/tmp/minute.log" HTTP_LIMIT="100" RATE_LIMITED_HTTP="30" MODULES="/opt/firewall/modules" +TMP_BLOCK_TIMEOUT="20" grep $DATE $NGINX_ACCESS >$ACCESS #Firewall Port Configuration # @@ -331,6 +332,8 @@ watch() { bash $MODULES/module-rate-limit.sh $HTTP_LIMIT else bash $MODULES/module-rate-limit.sh $RATE_LIMITED_HTTP + sleep $TMP_BLOCK_TIMEOUT + forgive fi } diff --git a/modules/module-akkoma-accounts.sh b/modules/module-akkoma-accounts.sh index 1b3cc3a..3b628ae 100644 --- a/modules/module-akkoma-accounts.sh +++ b/modules/module-akkoma-accounts.sh @@ -5,12 +5,13 @@ ACCESS="/tmp/minute.log" ATTACK="module-akkoma-accounts" SEARCH_SPAM=$(grep $2 $ACCESS | grep "api/v1/accounts" | grep $1 | wc -l) CHECK=$(cat $NFT_CACHE | sort -u | grep $1) -if [[ "$SEARCH_SPAM" -gt 30 ]]; then +if [[ "$SEARCH_SPAM" -gt 100 ]]; then echo "$IP $CHECK $COUNT" if [ "$CHECK" = "" ]; then bash $FIREWALL ipBlockParser "$1" bash $FIREWALL message "$ATTACK-$1" redis-cli SADD tmp_block $1 + cp -f $ACCESS /tmp/debug-$ATTACK-$1.txt echo "$ATTACK $1" else echo "$ATTACK Ignoring Duplicate IP: $1" diff --git a/modules/module-go.sh b/modules/module-go.sh index 7e0effd..ecd9614 100644 --- a/modules/module-go.sh +++ b/modules/module-go.sh @@ -2,9 +2,10 @@ FIREWALL="/opt/firewall/firewall.sh" ACCESS="/tmp/minute.log" ATTACK="module-go" -GO_SPAM=$(grep $2 $ACCESS | grep -E "Go-http-client" | wc -l) +GO_SPAM=$(grep $2 $ACCESS | grep "Go-http-client" | grep $1 | wc -l) if [[ "$GO_SPAM" -gt 10 ]]; then bash $FIREWALL ipBlockParser "$1" bash $FIREWALL message "$ATTACK-$1" redis-cli SADD tmp_block $1 + cp $ACCESS /tmp/debug-$ATTACK-$1.txt fi