:: Check for required arguments
IF /I "%1"=="" GOTO ERROR
+IF /I "%2"=="" GOTO ERROR
+IF /I "%3"=="" GOTO ERROR
+
+:: Check for a valid IP
+ECHO "%3" | %WINDIR%\system32\findstr.exe /R "\." >nul || GOTO ipv6
+
+set prefixlength=32
+set gateway=0.0.0.0
+goto x
+
+:ipv6
+set prefixlength=128
+set gateway=::
+
+:x
+
IF /I "%1"=="add" GOTO ADD
IF /I "%1"=="delete" GOTO DEL
:ERROR
ECHO Invalid argument(s).
-ECHO Usage: route-null.cmd ^(ADD^|DELETE^) IPv4 Address
-ECHO Example: route-null.cmd ADD 1.2.3.4
+ECHO Usage: route-null.cmd ^(ADD^|DELETE^) user IP_Address
+ECHO Example: route-null.cmd ADD - 1.2.3.4
EXIT /B 1
-
-:: Adding IP to be null-routed. IP will be routed to local machine IP
+:: Adding IP to be null-routed.
:ADD
-:: Check for a valid IP
-ECHO "%2" | %WINDIR%\system32\findstr.exe /R "[0-2][0-9]*[0-9]*\.[0-2][0-9]*[0-9]*\.[0-2][0-9]*[0-9]*\.[0-2][0-9]*[0-9]*" >nul || ECHO Invalid IP && EXIT /B 2
-:: Extracts last ip address from ipconfig and routes to this address. Windows will not allow routing to 127.0.0.1
-FOR /F "TOKENS=2* DELIMS=:" %%A IN ('%WINDIR%\system32\ipconfig.exe ^| %WINDIR%\system32\findstr.exe /R /C:"IPv*4* Address"') DO FOR %%B IN (%%A) DO SET IPADDR=%%B
-%WINDIR%\system32\route.exe ADD %2 MASK 255.255.255.255 %IPADDR%
+%WINDIR%\system32\route.exe ADD %3/%prefixlength% %gateway%
:: Log it
-ECHO %DAT%%TIM% %~dp0%0 %1 - %2 >> "%OSSECPATH%active-response\active-responses.log"
+ECHO %DAT%%TIM% "%~f0" %1 %2 %3 >> "%OSSECPATH%active-response\active-responses.log"
GOTO EXIT
:DEL
-ECHO "%2" | %WINDIR%\system32\findstr.exe /R "[0-2][0-9]*[0-9]*\.[0-2][0-9]*[0-9]*\.[0-2][0-9]*[0-9]*\.[0-2][0-9]*[0-9]*" >nul || ECHO Invalid IP && EXIT /B 2
-%WINDIR%\system32\route.exe DELETE %2
-ECHO %DAT%%TIM% %~dp0%0 %1 - %2 >> "%OSSECPATH%active-response\active-responses.log"
+%WINDIR%\system32\route.exe DELETE %3/%prefixlength%
+ECHO %DAT%%TIM% "%~f0" %1 %2 %3 >> "%OSSECPATH%active-response\active-responses.log"
:EXIT /B 0:
projects / ossec-hids.git / blobdiff