option_cb() {
local option="${1}" value="${2//\"/\\\"}"
- eval "${option}=\"${value}\""
+ if [ -d "${value}" ] || { [ ! -d "${value}" ] && [ -n "${value%%[./]*}" ]; }; then
+ eval "${option}=\"${value}\""
+ fi
}
list_cb() {
local append option="${1}" value="${2//\"/\\\"}"
- eval "append=\"\${${option}}\""
- case "${option}" in
- "ban_logterm")
- eval "${option}=\"${append}${value}\\|\""
- ;;
- *)
- eval "${option}=\"${append}${value} \""
- ;;
- esac
+ if [ -d "${value}" ] || { [ ! -d "${value}" ] && [ -n "${value%%[./]*}" ]; }; then
+ eval "append=\"\${${option}}\""
+ case "${option}" in
+ "ban_logterm")
+ eval "${option}=\"${append}${value}\\|\""
+ ;;
+ *)
+ eval "${option}=\"${append}${value} \""
+ ;;
+ esac
+ fi
}
}
config_load banip
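Review bot: The new directory/prefix test in `option_cb` and `list_cb` still lets `eval` re-parse the config value, because `${value}` is expanded into the string before `eval` runs and the `local` line escapes only double quotes, so command substitutions, variable references and backslashes already in the value are still interpreted. Passing the value by reference avoids that: `eval "${option}=\"\${2}\""` in `option_cb`, and `eval "${option}=\"\${append}\${2} \""` (likewise for the `ban_logterm` arm) in `list_cb`, which also makes the quote escaping unnecessary. `${option}` is interpolated unchecked too, so a guard such as `case "${option}" in *[!A-Za-z0-9_]*) return ;; esac` would be worth adding. How much this matters depends on who can write the banip config, which the hunk does not show. The enclosing function starts outside the hunk.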
ip="${ip##* }"
[ -n "${ip%%::*}" ] && proto=".v6"
fi
- if [ -n "${proto}" ] && ! "${ban_nftcmd}" get element inet banIP allowlist"${proto}" "{ ${ip} }" >/dev/null 2>&1 && ! "${ban_nftcmd}" get element inet banIP blocklist"${proto}" "{ ${ip} }" >/dev/null 2>&1; then
+ if [ -n "${proto}" ] && ! "${ban_nftcmd}" get element inet banIP allowlist"${proto}" "{ ${ip} }" >/dev/null 2>&1 &&
+ ! "${ban_nftcmd}" get element inet banIP blocklist"${proto}" "{ ${ip} }" >/dev/null 2>&1; then
f_log "info" "suspicious IP '${ip}'"
log_raw="$(eval ${loglimit_cmd})"
log_count="$(printf "%s\n" "${log_raw}" | "${ban_grepcmd}" -c "suspicious IP '${ip}'")"
prefix="${idx}"
continue
else
- cidr="${prefix}/${idx}"
- if "${ban_nftcmd}" add element inet banIP "blocklist${proto}" { ${cidr} ${nft_expiry} } >/dev/null 2>&1; then
- f_log "info" "add IP range '${cidr}' (source: ${rdap_info:-"n/a"} ::: expiry: ${ban_nftexpiry:-"-"}) to blocklist${proto} set"
+ if [ -n "${prefix%%::*}" ] && [ "${prefix%%.*}" != "127" ] && [ "${prefix%%.*}" != "0" ]; then
+ cidr="${prefix}/${idx}"
+ if "${ban_nftcmd}" add element inet banIP "blocklist${proto}" { ${cidr} ${nft_expiry} } >/dev/null 2>&1; then
+ f_log "info" "add IP range '${cidr}' (source: ${rdap_info:-"n/a"} ::: expiry: ${ban_nftexpiry:-"-"}) to blocklist${proto} set"
+ fi
fi
prefix=""
fi
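Review bot: The added guard on `prefix` compares only the leading octet (127, 0) and rejects empty or `::`-leading values, so `cidr` is still built and passed unquoted to `nft add element` with no check on its overall shape or on the prefix length in `idx`. Both appear to come from the RDAP lookup, which is parsed outside this hunk; if nothing there constrains them, an unexpected response could insert a far wider range than intended, or characters that nft reads as syntax. A shape check ahead of the new `if` would close that, for example `case "${prefix}${idx}" in *[!0-9A-Fa-f.:]*) prefix="" ;; esac`, together with a lower bound on `idx`. Within this hunk the range is also never tested against the allowlist the way the single IP is a few lines earlier, and a skipped range leaves no log entry.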
"flag": "gz"
},
"becyber":{
- "url_4": "https://raw.githubusercontent.com/duggytuxy/Intelligence_IPv4_Blocklists/refs/heads/main/agressive_ips_dst_fr_be_blocklist.txt",
+ "url_4": "https://raw.githubusercontent.com/duggytuxy/Data-Shield_IPv4_Blocklist/refs/heads/main/prod_data-shield_ipv4_blocklist.txt",
"rule_4": "/^127\\./{next}/^(([1-9][0-9]{0,2}\\.){1}([0-9]{1,3}\\.){2}(1?[0-9][0-9]?|2[0-4][0-9]|25[0-5])(\\/(1?[0-9]|2?[0-9]|3?[0-2]))?)$/{printf \"%s,\\n\",$1}",
"chain": "in",
"descr": "malicious attacker IPs"