aMule Forum
English => en_Linux => Topic started by: s0undt3ch on December 27, 2004, 03:55:08 PM
-
I neen help, well really I need a script that parses this file (http://ufsoft.no-ip.com/filez/ipblock.dat.tar.bz2) (mirror (http://soundtech.no.sapo.pt/ipblock.dat.zip)) and adds these ip's or ip ranges to be rejected to/by IPTABLES?
Any Help?
Here's a bit of what's inside:
002.001.000.085 - 002.001.000.085 , 000 , Fake File servers AP2P
003.001.000.060 - 003.001.000.060 , 000 , Fake File servers AP2P
003.001.000.251 - 003.001.000.251 , 000 , Fake File servers AP2P
004.000.038.034 - 004.000.038.036 , 000 , s0.micromend.bbnplanet.net AP2P
004.000.038.042 - 004.000.038.052 , 000 , s0.wbcsanfran.bbnplanet.net AP2P
004.000.038.058 - 004.000.038.060 , 000 , s0.verizonlegaldpt.bbnplanet.net AP2P
004.000.038.074 - 004.000.038.080 , 000 , s0.bdai12.bbnplanet.net AP2P
004.000.038.086 - 004.000.038.088 , 000 , s0.wennersf.bbplanet.net AP2P
004.000.038.114 - 004.000.038.120 , 000 , multilink1.cityofsm.bbnplanet.net AP2P
004.000.038.254 - 004.000.038.255 , 000 , multilink0.art3.bbnplanet.net AP2P
004.000.159.038 - 004.000.159.040 , 000 , s0.leo3.bbnplanet.net(lawenforcement online) AP2P
004.000.181.086 - 004.000.181.088 , 000 , s0.CR2.bbnplanet.net AP2P
004.000.242.066 - 004.000.242.080 , 000 , s0.animationtech.bbnplanet.net AP2P
I't could be somenthing like:
New line?, do I find a valid IP here? IP-range?, then a coma?, then 000?, ok then add it to IPTABLBES to be DROPED, end of line? then.....
New line?, do I find a valid IP here? IP-Range?, then a coma?, then 000?, ok then add it to IPTABLBES to be DROPED, end of line? then.....
More or less like this?
Thanks! It would help a lot...
-
Perl is pretty good in pattern matching. You can match ip by (\d{4}\.){4} for example. awk can brake like on some char (space is default).
You have to choose script language (I suggest perl), and then try to ask more specific questions.
One more personal advice: stay away from sh (sh, csh, tcsh ...)
It's really not that complicated :))
-
What makes it a bit harder, is that you cannot specify ranges to iptables, only IP/netmask.
It is possible to do, but not so easy.
Have fun with it.
-
The problem is that I don't know perl!!!
Nor SH!!!
Only a bit of PHP, and a bit of JAVA!!!!
:]
Anyway, any help would be apreciated!!!!
P.S.: Tanks for all the help so far...
-
Originally posted by GonoszTopi
What makes it a bit harder, is that you cannot specify ranges to iptables, only IP/netmask.
It is possible to do, but not so easy.
Have fun with it.
Well, we could find out this:
If IP - IP then its a ip range, then all IP between will be added , dropped...
-
I'll might do it for you if I'll have some spare time - this is not a promise nor an offer, just thinking loud 8)
-
Originally posted by GonoszTopi
I'll might do it for you if I'll have some spare time - this is not a promise nor an offer, just thinking loud 8)
I'm just smilling :D just because of your thoughts!!
Want some more encoragement?
:baby:
-
#!/usr/bin/perl
$inputfile = "ipblock.dat";
$pattern = '^(\d{3}\.\d{3}\.\d{3}\.\d{3})\s\-\s(\d{3}\.\d{3}\.\d{3}\.\d{3})\s,\s\d{3}\s,\s(.*)$';
$template = "iptables -I INPUT -s IP -j DROP\n";
open FHANDLE, "<$inputfile" || die "couldn't open sourcefile\n";
while ($line = )
{
$line =~ m/$pattern/go; # $1 first address, $2 second address, $3 explanation
$left_border = $1;
$right_border = $2;
$template =~ s/IP/$left_border/;
print $template;
}
close FHANDLE;
you have to modify the iptables template to enable ip ranges (--src-range)
and to use it you can either pipe the output into a script-file >>blockthemall.sh ;) or replace print with an exec-command...
just an idea ;)
-
Originally posted by greaman
you have to modify the iptables template to enable ip ranges (--src-range)
Sorry but how, what, wich, where?
and to use it you can either pipe the output into a script-file >>blockthemall.sh ;) or replace print with an exec-command...
Well, here's the result when running your script:
line 00001: iptables -I INPUT -s 002.001.000.085 -j DROP
(...)
line 00100: iptables -I INPUT -s 002.001.000.085 -j DROP
(...)
line 01000: iptables -I INPUT -s 002.001.000.085 -j DROP
(...)
line 10000: iptables -I INPUT -s 002.001.000.085 -j DROP
(...)
line 20000: iptables -I INPUT -s 002.001.000.085 -j DROP
(...)
line 22366: iptables -I INPUT -s 002.001.000.085 -j DROP
EndOfFileLooks like something is wrong!
I understood what you where acomplishing with the script, but looks like althoug it ran on all the lines, It always kept the first in memory!?
-
That's becouse of bug in script. It should be like this:
#!/usr/bin/perl
$inputfile = "ipblock.dat";
$pattern = '^(\d{3}\.\d{3}\.\d{3}\.\d{3})\s\-\s(\d{3}\.\d{3}\.\d{3}\.\d{3})\s,\s\d{3}\s,\s(.*)$';
$template = "iptables -I INPUT -s IP -j DROP\n";
open FHANDLE, "<$inputfile" || die "couldn't open sourcefile\n";
while ($line = )
{
$line =~ m/$pattern/go; # $1 first address, $2 second address, $3 explanation
$left_border = $1;
$right_border = $2;
$codeline = $template;
$codeline =~ s/IP/$left_border/;
print $codeline;
}
close FHANDLE;
-
jup...my fault...happens after too much wine ;)
and you have to adjust the iptables command... I had no time to look up the exact command dropping the ranges, maybe later this day after some hours of sheep counting and resetting my brain :))
-
Working good now!
Now for the ip ranges, can it be donne?
Something like $ip1 != $ip2 then it's a range.
Instead of just dropping $ip2, drop everything between $ip1 and $ip2