Imported Upstream version 2.3
[ossec-hids.git] / active-response / route-null.sh
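#!/bin/sh
# Adds an IP to, or deletes it from, the null route.
# Usage: route-null.sh <add|delete> <user> <srcip>
# Requirements: route
# Expect: srcip
# Author: Ivan Lotina
# Modified script host-deny from Daniel B. Cid
# Last modified: Feb 16, 2007
#
# Exit status: 0 once route has been invoked on Linux or FreeBSD (route's own
# status is not propagated); 1 for a missing or rejected IP, an invalid
# action, or any other platform.

ACTION=$1
USER=$2   # part of the calling convention; not used below
IP=$3

# Resolve the directory above this script; the log path is relative to it.
# Stop if either cd fails, so the log is never appended somewhere unexpected.
LOCAL=$(dirname "$0")
cd "${LOCAL}" || exit 1
cd ../ || exit 1
BASE_DIR=$(pwd)

UNAME=$(uname)

# Logging the call. printf '%s' writes every argument literally; some sh
# implementations of echo interpret backslash escapes, which would let a
# crafted argument forge extra lines in the log.
printf '%s %s %s %s %s %s %s\n' "$(date)" "$0" "$1" "$2" "$3" "$4" "$5" \
  >> "${BASE_DIR}/../logs/active-responses.log"


# IP Address must be provided
if [ "x${IP}" = "x" ]; then
   echo "$0: Missing argument <action> <user> (ip)"
   exit 1
fi

# srcip is taken from analysed events, so treat it as untrusted. Accept only
# the characters an IPv4/IPv6 address or prefix can contain. This keeps
# whitespace, glob characters and a leading '-' (extra words or options for
# route) out of the command line, and also rejects the keyword "default".
# It is a character check only; it does not prove the value is a valid address.
case "${IP}" in
  *[!0-9A-Fa-f:./]*)
    echo "$0: invalid IP address"
    exit 1
    ;;
esac


# Adding the ip to null route
if [ "x${ACTION}" = "xadd" ]; then
  if [ "X${UNAME}" = "XLinux" ]; then
    route add "${IP}" reject
    exit 0
  fi

  if [ "X${UNAME}" = "XFreeBSD" ]; then
    route -q add "${IP}" 127.0.0.1 -blackhole
    exit 0
  fi

# Deleting from null route
# be careful not to remove your default route
elif [ "x${ACTION}" = "xdelete" ]; then
  if [ "X${UNAME}" = "XLinux" ]; then
    route del "${IP}" reject
    exit 0
  fi

  if [ "X${UNAME}" = "XFreeBSD" ]; then
    route -q delete "${IP}" 127.0.0.1 -blackhole
    exit 0
  fi

# Invalid action
else
   echo "$0: invalid action: ${ACTION}"
fi

# Reached on an invalid action or an unsupported platform.
exit 1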