Cccam Iptables
This document was uploaded by user and they confirmed that they have the permission to share it. If you are author or own the copyright of this book, please report to us by using this DMCA report form. Report DMCA
Overview
Download & View Cccam Iptables as PDF for free.
More details
- Words: 442
- Pages: 2
Filter Illegal Peers using IPTables After some time, You see peers that don't delete you're line once removed or worse, they hand out the line to all kind of people who try to gain access to you're server. For this i took the basic idea of a script from Unlocker-al and put together this little ban script.
#!/bin/sh ########################### ## Auto Ban script ## ## Illegal CCcam Users ## ## Written By CC_Share ## ## Thanks to Unlocker-AL ## ## For the Basic idea ## ########################### workdir="/" #This is there the debug info from CCcam is dumped firewall="/" #The saved firewall rules logdir="/emu/log" #The logfile directory EMAIL="" #Email adres to mail result to SUBJECT="Illegal Userlist CCcam" #Subject title of the email EMAILMESSAGE="/emu/log/illegaluser.txt" #List that contains the Illegal users rm $workdir/debug.old cp $workdir/debug.txt $workdir/debug.old cp $logdir/iptables-save.new $logdir/iptables-save.old cat $workdir/debug.old|grep illegal > $logdir/illegaluser.log grep 'illegal' $logdir/illegaluser.log | awk -F" " '{print $5,$7}' > $logdir/illegaluser.txt grep 'illegal' $logdir/illegaluser.log | awk -F" " '{print $7}' | grep -o '^[09]\{1,3\}\.[0-9]\{1,3\}\.[0-9]\{1,3\}\.[0-9]\{1,3\}' > $logdir/badIP.out awk ' {s[$0]++} END { for(i in s) { if(s[i]>1) { print i } } }' $logdir/badIP.out > $logdir/badIP.block while IFS= read -r EachLine do command="iptables -A INPUT -s "$EachLine" -j DROP" echo $command $command done < $logdir/badIP.block rm $logdir/badIP.block if [ -s $logdir/illegaluser.txt ] ; then iptables-save -c > $logdir/iptables-save.new /usr/bin/nail -s "$SUBJECT" "$EMAIL" < $EMAILMESSAGE else echo "No Illegal Users found right now" fi sleep 1 > $workdir/debug.txt exit 0 This script will scan you're debug file for illegal users, sort out the username and ip and insert the IP in ip-tables.
If you want, the script can also mail you the result so you know what users are put in ip-tables and gives you the advantage to check if it's not a valid user. You can put this script in the crontab to enable automatic checking. The following is an example how to install. Code:
./CCcam.x86 -dv > /home/debug.txt then change the following lines in the script to match the debug file and it's location. Code:
workdir="/" Should be Code:
workdir="/home" and this line Code:
firewall="/" Should be changed to where you want the firewall rules to be saved Code:
firewall="/emu/log/" To insert it in the crontab, edit it and insert this line: Code:
00 */1
* * * root /emu/script/./illegal.sh
This will run the script every whole hour.
For the mail function to work, you have to do the following: Code:
apt-get install nail apt-get install exim4 dpkg-reconfigure exim4-config Insert here a valid email adress Code:
EMAIL="" and it will mail you every time it runs and finds an illegal user. If no user is found, it will not mail you.
#!/bin/sh ########################### ## Auto Ban script ## ## Illegal CCcam Users ## ## Written By CC_Share ## ## Thanks to Unlocker-AL ## ## For the Basic idea ## ########################### workdir="/" #This is there the debug info from CCcam is dumped firewall="/" #The saved firewall rules logdir="/emu/log" #The logfile directory EMAIL="" #Email adres to mail result to SUBJECT="Illegal Userlist CCcam" #Subject title of the email EMAILMESSAGE="/emu/log/illegaluser.txt" #List that contains the Illegal users rm $workdir/debug.old cp $workdir/debug.txt $workdir/debug.old cp $logdir/iptables-save.new $logdir/iptables-save.old cat $workdir/debug.old|grep illegal > $logdir/illegaluser.log grep 'illegal' $logdir/illegaluser.log | awk -F" " '{print $5,$7}' > $logdir/illegaluser.txt grep 'illegal' $logdir/illegaluser.log | awk -F" " '{print $7}' | grep -o '^[09]\{1,3\}\.[0-9]\{1,3\}\.[0-9]\{1,3\}\.[0-9]\{1,3\}' > $logdir/badIP.out awk ' {s[$0]++} END { for(i in s) { if(s[i]>1) { print i } } }' $logdir/badIP.out > $logdir/badIP.block while IFS= read -r EachLine do command="iptables -A INPUT -s "$EachLine" -j DROP" echo $command $command done < $logdir/badIP.block rm $logdir/badIP.block if [ -s $logdir/illegaluser.txt ] ; then iptables-save -c > $logdir/iptables-save.new /usr/bin/nail -s "$SUBJECT" "$EMAIL" < $EMAILMESSAGE else echo "No Illegal Users found right now" fi sleep 1 > $workdir/debug.txt exit 0 This script will scan you're debug file for illegal users, sort out the username and ip and insert the IP in ip-tables.
If you want, the script can also mail you the result so you know what users are put in ip-tables and gives you the advantage to check if it's not a valid user. You can put this script in the crontab to enable automatic checking. The following is an example how to install. Code:
./CCcam.x86 -dv > /home/debug.txt then change the following lines in the script to match the debug file and it's location. Code:
workdir="/" Should be Code:
workdir="/home" and this line Code:
firewall="/" Should be changed to where you want the firewall rules to be saved Code:
firewall="/emu/log/" To insert it in the crontab, edit it and insert this line: Code:
00 */1
* * * root /emu/script/./illegal.sh
This will run the script every whole hour.
For the mail function to work, you have to do the following: Code:
apt-get install nail apt-get install exim4 dpkg-reconfigure exim4-config Insert here a valid email adress Code:
EMAIL="" and it will mail you every time it runs and finds an illegal user. If no user is found, it will not mail you.
Related Documents
Cccam Iptables
December 2019 5
Iptables
June 2020 8
Iptables
May 2020 7
Iptables
October 2019 13
Iptables Tutorial
December 2019 8