fix
This commit is contained in:
parent
bec4acd12e
commit
b9a2d677dd
@ -7,6 +7,7 @@ ACCESS="/tmp/minute.log"
|
||||
HTTP_LIMIT="100"
|
||||
RATE_LIMITED_HTTP="30"
|
||||
MODULES="/opt/firewall/modules"
|
||||
TMP_BLOCK_TIMEOUT="20"
|
||||
grep $DATE $NGINX_ACCESS >$ACCESS
|
||||
#Firewall Port Configuration
|
||||
#
|
||||
@ -331,6 +332,8 @@ watch() {
|
||||
bash $MODULES/module-rate-limit.sh $HTTP_LIMIT
|
||||
else
|
||||
bash $MODULES/module-rate-limit.sh $RATE_LIMITED_HTTP
|
||||
sleep $TMP_BLOCK_TIMEOUT
|
||||
forgive
|
||||
fi
|
||||
}
|
||||
|
||||
|
@ -5,12 +5,13 @@ ACCESS="/tmp/minute.log"
|
||||
ATTACK="module-akkoma-accounts"
|
||||
SEARCH_SPAM=$(grep $2 $ACCESS | grep "api/v1/accounts" | grep $1 | wc -l)
|
||||
CHECK=$(cat $NFT_CACHE | sort -u | grep $1)
|
||||
if [[ "$SEARCH_SPAM" -gt 30 ]]; then
|
||||
if [[ "$SEARCH_SPAM" -gt 100 ]]; then
|
||||
echo "$IP $CHECK $COUNT"
|
||||
if [ "$CHECK" = "" ]; then
|
||||
bash $FIREWALL ipBlockParser "$1"
|
||||
bash $FIREWALL message "$ATTACK-$1"
|
||||
redis-cli SADD tmp_block $1
|
||||
cp -f $ACCESS /tmp/debug-$ATTACK-$1.txt
|
||||
echo "$ATTACK $1"
|
||||
else
|
||||
echo "$ATTACK Ignoring Duplicate IP: $1"
|
||||
|
@ -2,9 +2,10 @@
|
||||
FIREWALL="/opt/firewall/firewall.sh"
|
||||
ACCESS="/tmp/minute.log"
|
||||
ATTACK="module-go"
|
||||
GO_SPAM=$(grep $2 $ACCESS | grep -E "Go-http-client" | wc -l)
|
||||
GO_SPAM=$(grep $2 $ACCESS | grep "Go-http-client" | grep $1 | wc -l)
|
||||
if [[ "$GO_SPAM" -gt 10 ]]; then
|
||||
bash $FIREWALL ipBlockParser "$1"
|
||||
bash $FIREWALL message "$ATTACK-$1"
|
||||
redis-cli SADD tmp_block $1
|
||||
cp $ACCESS /tmp/debug-$ATTACK-$1.txt
|
||||
fi
|
||||
|
Loading…
Reference in New Issue
Block a user