From: Michael Tremer <michael.tremer@ipfire.org>
Date: Wed, 21 Jan 2009 20:48:29 +0000 (+0100)
Subject: Did a small rewrite of ids-block script.
X-Git-Tag: v3.0-alpha1~95
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=92ee4c7a0531308c55642230c4a02d9bcd73ea2c;p=ipfire-3.x.git

Did a small rewrite of ids-block script.
---

diff --git a/config/syslog-ng/ids-block b/config/syslog-ng/ids-block
index ad4b74445..9d411c2e4 100644
--- a/config/syslog-ng/ids-block
+++ b/config/syslog-ng/ids-block
@@ -1,14 +1,47 @@
 #!/usr/bin/python
+###############################################################################
+#                                                                             #
+# IPFire.org - A linux based firewall                                         #
+# Copyright (C) 2007, 2008, 2009 Michael Tremer & Christian Schmidt           #
+#                                                                             #
+# This program is free software: you can redistribute it and/or modify        #
+# it under the terms of the GNU General Public License as published by        #
+# the Free Software Foundation, either version 3 of the License, or           #
+# (at your option) any later version.                                         #
+#                                                                             #
+# This program is distributed in the hope that it will be useful,             #
+# but WITHOUT ANY WARRANTY; without even the implied warranty of              #
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the               #
+# GNU General Public License for more details.                                #
+#                                                                             #
+# You should have received a copy of the GNU General Public License           #
+# along with this program.  If not, see <http://www.gnu.org/licenses/>.       #
+#                                                                             #
+###############################################################################
 
-import sys,os,re
-#print sys.argv
+import os
+import sys
+import re
 
-if len(sys.argv) < 2:
-	print 'Es wurden keine Parameter uebergeben.'
-	sys.exit()
+from IPy import IP
 
 #os.system('modprobe ipt_recent ip_list_tot=1000')
 
-m = re.findall(r"[1-9]{1,1}[0-9]{0,2}\.[1-9]{1,1}[0-9]{0,2}\.[1-9]{1,1}[0-9]{0,2}\.[1-9]{1,1}[0-9]{0,2}", sys.argv[1])
-#print m
-os.system('echo %s > /proc/net/ipt_recent/BLOCK' % m[0])
+try:
+	ip = IP(sys.argv[1])
+except KeyError:
+	sys.stderr.write("Not enough parameters given.\n")
+	sys.exit(1)
+except ValueError:
+	sys.stderr.write("Given value is not a valid ip address.\n")
+	sys.exit(1)
+
+try:
+	f = open("/proc/net/ipt_recent/BLOCK", "w")
+	f.write("%s\n" % ip)
+	f.close()
+except:
+	sys.stderr.write("Cannot write ip \"%s\" to file.\n" % ip)
+	sys.exit(1)
+
+sys.exit(0)