AnarchyPlanet/q2a-antispam
Archived
3
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
This repository has been archived on 2025-03-03. You can view files and clone it, but cannot push or open issues or pull requests.
master
q2a-antispam/forumspam.sh

54 lines
1.4 KiB
Bash
Executable File
Raw Permalink Blame History

#!/bin/sh
# API reference: https://www.stopforumspam.com/usage
# user configuration area - change as needed
logf=/var/log/forumspam.log
limit=0 # number of violations allowed before blocking the ip
case `uname` in
(*"BSD"*)
getroot="doas"
fw_cmd="pfctl"
;;
(*)
getroot="sudo"
fw_cmd="ufw"
;;
esac
abort() {
echo `date` 'error:' $* >> $logf
rm $repl
exit 1
}
block_ip() {
case "$fw_cmd" in
ufw)
if "$getroot" ufw deny from $ip >/dev/null 2>>$logf; then
echo `date` blocked ip $ip with freq $freq >> $logf
else
abort "failed to block ip $ip"
fi
;;
pfctl)
"$getroot" pfctl -nf /etc/pf.conf || abort "pf config check failed" # Ensure proposed changes are valid before reloading table
"$getroot" pfctl -t forumspam -T replace -f /etc/pf-forumspam.txt
;;
esac
}
# we ignore all arguments except the first
ip=$1
repl=`mktemp`
curl 'http://api.stopforumspam.org/api?ip='$ip 2>/dev/null > $repl
if ! grep -q '<response success="true">' $repl; then
abort 'error failed to query stopforumspam api'
fi
freq=`grep '<frequency>' $repl | sed 's/<frequency>//; s!</frequency>!!'`
if grep -q '<appears>yes</appears>' $repl && [ "$freq" -gt "$limit" ]; then
block_ip "$ip"
fi
rm $repl
Reference in New Issue View Git Blame Copy Permalink