-:: Simple script to null route an ip address.\r
-@ECHO OFF\r
-ECHO.\r
-\r
-\r
-:: Logging it all\r
-FOR /F "TOKENS=1* DELIMS= " %%A IN ('DATE/T') DO SET DATE=%%B\r
-FOR /F "TOKENS=1* DELIMS= " %%A IN ('TIME/T') DO SET TIME=%%A\r
-ECHO %DATE% %TIME% %0 %1 %2 %3 %4 %5 %6 %7 %8 %9 >> active-response/active-responses.log\r
-\r
-\r
-IF "%1"=="add" GOTO ADD\r
-IF "%1"=="delete" GOTO DEL\r
-:ERROR\r
-\r
-ECHO "Invalid argument. %1"\r
-GOTO Exit;\r
-\r
-\r
-:: Adding to the blocked.\r
-\r
-:ADD\r
-:: Extracts last ip address from ipconfig.\r
-FOR /F "TOKENS=2* DELIMS=:" %%A IN ('IPCONFIG /ALL ^| FIND "IP Address"') DO FOR %%B IN (%%A) DO SET IPADDR=%%B\r
-route add %3 mask 255.255.255.255 %IPADDR%\r
-GOTO Exit;\r
-\r
-:DEL\r
-route delete %3\r
-\r
-:Exit\r
+:: Script to null route an ip address.
+@ECHO OFF
+ECHO.
+
+:: Set some variables
+FOR /F "TOKENS=1* DELIMS= " %%A IN ('DATE/T') DO SET DAT=%%A %%B
+FOR /F "TOKENS=1-3 DELIMS=:" %%A IN ("%TIME%") DO SET TIM=%%A:%%B:%%C
+
+:: Check for required arguments
+IF /I "%1"=="" GOTO ERROR
+IF /I "%2"=="" GOTO ERROR
+IF /I "%3"=="" GOTO ERROR
+
+:: Check for a valid IP
+ECHO "%3" | %WINDIR%\system32\findstr.exe /R "\." >nul || GOTO ipv6
+
+set prefixlength=32
+set gateway=0.0.0.0
+goto x
+
+:ipv6
+set prefixlength=128
+set gateway=::
+
+:x
+
+IF /I "%1"=="add" GOTO ADD
+IF /I "%1"=="delete" GOTO DEL
+
+:ERROR
+ECHO Invalid argument(s).
+ECHO Usage: route-null.cmd ^(ADD^|DELETE^) user IP_Address
+ECHO Example: route-null.cmd ADD - 1.2.3.4
+EXIT /B 1
+
+:: Adding IP to be null-routed.
+
+:ADD
+%WINDIR%\system32\route.exe ADD %3/%prefixlength% %gateway%
+:: Log it
+ECHO %DAT%%TIM% "%~f0" %1 %2 %3 >> "%OSSECPATH%active-response\active-responses.log"
+GOTO EXIT
+
+:DEL
+%WINDIR%\system32\route.exe DELETE %3/%prefixlength%
+ECHO %DAT%%TIM% "%~f0" %1 %2 %3 >> "%OSSECPATH%active-response\active-responses.log"
+
+:EXIT /B 0:
projects / ossec-hids.git / blobdiff