1
0
mirror of https://github.com/toast-ts/Daggerbot-TS.git synced 2024-11-18 00:31:00 -05:00

Compare commits

..

6 Commits

Author SHA1 Message Date
AnxietyisReal
cc7e8882d4 Add self-incrementing counter 2024-01-21 23:01:24 +11:00
AnxietyisReal
b011f63d44 Make shell script executable 2024-01-21 22:53:08 +11:00
AnxietyisReal
38db24ef8c Sigh, don't want to deal with sudo issues. 2024-01-21 22:46:11 +11:00
AnxietyisReal
a68b3fc723 Add cronjob task for previous commit. 2024-01-21 22:31:58 +11:00
AnxietyisReal
888ab25280 Block vulnerability scanners from attacking the host. 2024-01-21 21:50:29 +11:00
AnxietyisReal
f3e6745b58 Match webhook's error message. 2024-01-21 19:35:23 +11:00
3 changed files with 33 additions and 1 deletions

1
.gitignore vendored
View File

@ -1,4 +1,5 @@
.env .env
ips.txt
# Yarn stuff # Yarn stuff
.yarn .yarn
# TypeScript stuff # TypeScript stuff

View File

@ -130,7 +130,7 @@ export async function requestServerData(client:TClient, server:IServer):Promise<
if (data.status === 200 ?? 204) return data; if (data.status === 200 ?? 204) return data;
else if (data.status === 404) Logger.console('log', loggingPrefix, `(${i+1}/${maxRetries}) ${server.serverName} responded with an error (404), API is disabled or mismatched code`) else if (data.status === 404) Logger.console('log', loggingPrefix, `(${i+1}/${maxRetries}) ${server.serverName} responded with an error (404), API is disabled or mismatched code`)
} catch(err) { } catch(err) {
Logger.console('log', loggingPrefix, `Couldn't get the data for ${server.serverName}: ${err.message}`); Logger.console('log', loggingPrefix, `Couldn't get data for ${server.serverName}: ${err.message}`);
} }
await new Promise(resolve=>setTimeout(resolve, 500)) await new Promise(resolve=>setTimeout(resolve, 500))
} }

31
ufwReject.sh Executable file
View File

@ -0,0 +1,31 @@
#!/bin/bash
if [ "$EUID" -ne 0 ]; then
echo "Please run this script as root or sudo"
exit 1
fi
# Store the IP addresses in a file
IP_ADDRESSES_STORE="ips.txt"
# Scan the kernel log for IP addresses and store them in a file
dmesg | grep 'SRC=' | awk -F'SRC=' '{ print $2 }' | awk '{ print $1 }' | sort | uniq | head -n 5000 > "$IP_ADDRESSES_STORE"
# Initialize a counter for new IPs
new_ips=0
# Populate the UFW reject rule with the IP addresses collected from the kernel log
while IFS= read -r ip
do
# Check if the IP is already in the UFW rules
if ! ufw status | grep -q "$ip"
then
ufw reject from $ip
# Increment the counter
((new_ips++))
fi
done < "$IP_ADDRESSES_STORE"
echo "Done populating UFW reject rule"
echo "$new_ips IP addresses were added"
exit 0