Supplement Article: November 2000 Listing 4 ipblock shell program for portsentry and ip filter

#!/bin/sh
#
# $Id$
#
# $Source$
#
# $Log$
#
# ipblock - wrapper around ipf to permit portsentry to work with it.
#           Unfortunately (or fortunately), since ipf only adds rules to
#           the /END/ of a list, we could still allow someone to get in
#           by using the quick keyword.  The idea here is to set up a simple
#           rule by writing that rule to a temporary file, concatenating the
#           current ruleset to that file, flushing the input filter and then
#           reloading it.  Definitely not an atomic operation, but it should
#           get the job done.
#

# portsentry hands us the offending host address as the only argument.
# Without it the rule below would be malformed, and we would flush the
# filter and reload a broken file, so refuse to run in that case.
if [ $# -ne 1 ]; then
    echo "usage: $0 <address>" >&2
    exit 1
fi

TARGET=$1
IPFCFDIR=/etc/opt/ipf
TMPRULES=/tmp/ipfrule.$$

#
# put in the rule we want to insert into the beginning of the file
#
echo "block in log quick on le0 from $TARGET to any" > "$TMPRULES"

#
# now concatenate the current rules to the file
#
/sbin/ipfstat -i >> "$TMPRULES"

#
# the next step flushes the current ipf rules (drops the firewall for a split
# second) and then reloads it
#
/sbin/ipf -F i
/sbin/ipf -f "$TMPRULES"

# keep the previous configuration and make the new ruleset survive a reboot
cp "$IPFCFDIR/ipf.conf" "$IPFCFDIR/ipf.conf.old"
cp "$TMPRULES" "$IPFCFDIR/ipf.conf"

rm -f "$TMPRULES"
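The ordering problem the header comment describes, shown with an added Python illustration that is not part of the listing: a toy evaluator for the subset of ipf rule syntax used above (last match wins unless a matching rule says quick), demonstrating that a block rule simply appended with ipf -f is defeated by an earlier pass ... quick rule, while the rule ipblock prepends wins. The sample ruleset is constructed, the no-match default of pass is an assumption, and the address check in build_ruleset is an addition the script itself does not perform.

```python
import ipaddress
import re

# Constructed stand-in for what "ipfstat -i" prints for the input list
# (sample data, not output captured from a real system).
CURRENT_RULES = """\
pass in quick on le0 from any to 198.51.100.1
block in log on le0 from any to any
"""

# Subset of the ipf rule grammar used on this page: no proto/port matching.
RULE_RE = re.compile(
    r"^(?P<action>pass|block) in(?: log)?(?P<quick> quick)?(?: on \S+)?"
    r" from (?P<src>\S+) to (?P<dst>\S+)$"
)

def parse_rule(line):
    m = RULE_RE.match(line.strip())
    if not m:
        raise ValueError("unsupported rule: %r" % line)
    return m.groupdict()

def _hit(spec, addr):
    return spec == "any" or addr in ipaddress.ip_network(spec, strict=False)

def decide(rules, src, dst):
    """Mimic ipf matching order for one inbound packet: every rule is
    examined and the LAST match wins, except that a matching rule marked
    'quick' ends evaluation at once. No match falls back to 'pass'
    (assumed default)."""
    src, dst = ipaddress.ip_address(src), ipaddress.ip_address(dst)
    verdict = "pass"
    for r in map(parse_rule, rules.splitlines()):
        if _hit(r["src"], src) and _hit(r["dst"], dst):
            verdict = r["action"]
            if r["quick"]:
                break
    return verdict

def build_ruleset(target, current, prepend=True):
    """What ipblock writes to its temp file: the block rule first, then the
    current list. The address check is an addition: the script takes $1
    from portsentry unvalidated, and anything else would become rule text."""
    ipaddress.ip_address(target)  # raises ValueError on a non-address
    rule = "block in log quick on le0 from %s to any\n" % target
    return rule + current if prepend else current + rule

if __name__ == "__main__":
    atk, srv = "203.0.113.7", "198.51.100.1"
    print("appended :", decide(build_ruleset(atk, CURRENT_RULES, False), atk, srv))
    print("prepended:", decide(build_ruleset(atk, CURRENT_RULES), atk, srv))
```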