PABX da Simples IP

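#!/bin/bash
# Scans the Asterisk log for failed SIP/IAX2/AMI authentication messages and,
# for every source address seen at least TENTATIVAS times that is neither
# whitelisted nor already listed in the INPUT chain, appends an iptables DROP
# rule and e-mails an alert to EMAIL.
#
# Operator caveats:
#  - Counts cover the whole log file, not a time window, so a legitimate peer
#    that mistypes a password TENTATIVAS times before the log is rotated is
#    blocked as well. Keep trusted peers in /hdaux/whitelist.txt.
#  - Rules are appended with -A; an ACCEPT rule earlier in INPUT still wins.
#  - Rules added here are neither persisted nor expired by this script.
#  - The matched log lines can embed text supplied by the remote peer (user
#    names, From fields), so the extracted token is treated as untrusted and
#    must pass is_ipv4 before it reaches iptables. Validation only guarantees
#    a well-formed address, not that it is the true origin of the traffic.

# Variables
CLIENTE=$([ -e /hdaux/cliente ] && cat /hdaux/cliente)
IP_CENTRAL_SIP=$(ifconfig | grep "inet " | grep -v "127.0.0.1" | awk '{print $2}' | sed -e 's/addr://g' -e 's/^/IP-CENTRAL-SIP:/g')
EMAIL="suporte@simplesip.com.br"
TENTATIVAS=3

# Returns 0 only for a dotted-quad IPv4 address with each octet in 0-255 and
# no leading zeros (leading zeros are rejected to avoid octal ambiguity).
# IPv6 is not supported: the extraction below cuts every token at the first
# ':' to drop the port, which would mangle an IPv6 address anyway.
is_ipv4() {
  local octet
  [[ $1 =~ ^(0|[1-9][0-9]{0,2})\.(0|[1-9][0-9]{0,2})\.(0|[1-9][0-9]{0,2})\.(0|[1-9][0-9]{0,2})$ ]] || return 1
  for octet in "${BASH_REMATCH[@]:1}"; do
    (( octet <= 255 )) || return 1
  done
  return 0
}

# One "<count> <source>" line per distinct source found in the failure messages.
NOVO_BLOQUEIO_SIP=$(grep -E "Wrong password|No matching peer found|Registration from.*.failed for|chan_iax2\.c.*.failed .*. authentication|chan_iax2\.c.*.No registration for peer|Connect attempt from.*.unable to authenticate|manager\.c.*.tried to authenticate with nonexistent user | acl\.c: SIP Peer ACL: Rejecting" /var/log/asterisk/full \
  | sed -e "s/.*Registration.* failed for '//g" \
        -e "s/' -.*//g" \
        -e "s/.*chan_iax2.* Host //g" \
        -e "s/ failed MD5 authentication for.*//g" \
        -e "s/.*Connect attempt from '//g" \
        -e "s/' unable to authenticate//g" \
        -e "s/.*chan_iax2.*No registration for peer.*(from //g" \
        -e "s/)//g" \
        -e "s/.*manager\.c: //g" \
        -e "s/ tried to authenticate with nonexistent user.*//g" \
        -e "s/.*acl.c: SIP Peer ACL: Rejecting '//g" \
        -e "s/' due to a failure to pass ACL.*//g" \
        -e "s/:.*//g" \
  | sort | uniq -c)

# Source column of the current INPUT rules; header words are filtered out.
IP_BLOQUEADOS=$(iptables -L INPUT -n | awk '{print $4}' | grep -v '[a-z]')
WHITELIST=$([ -e /hdaux/whitelist.txt ] && cat /hdaux/whitelist.txt)

# Split each line into its count and source fields. The loop reads from a
# here-string rather than a pipe so that "continue" skips a single bad line
# instead of ending a subshell.
while read -r QTD IP _; do
  # Skip blank or malformed lines instead of aborting the whole scan.
  [[ $QTD =~ ^[0-9]+$ ]] || continue
  # Anything that is not a plain IPv4 address never reaches grep or iptables.
  is_ipv4 "$IP" || continue
  (( 10#$QTD >= TENTATIVAS )) || continue
  [ "$IP" == "127.0.0.1" ] && continue

  # -F: the dots are literal, not regex wildcards. -w: 10.0.0.1 must not
  # match 10.0.0.10, which would wrongly whitelist or skip an address.
  grep -qFw -- "$IP" <<< "$WHITELIST" && continue
  grep -qFw -- "$IP" <<< "$IP_BLOQUEADOS" && continue

  iptables -A INPUT -s "$IP" -j DROP \
    || printf 'iptables: failed to add DROP rule for %s\n' "$IP" >&2

  # The blank line after Subject separates headers from body; without it the
  # body lines are parsed as malformed headers. Newlines in CLIENTE are
  # flattened so the file content cannot add extra header lines.
  printf 'Subject: SUSPEITA DE ATAQUE CLIENTE: %s\n\nEndereco de origem: %s \nTentativa de ataque: %s \n%s\n' \
    "${CLIENTE//[$'\r\n']/ }" "$IP" "$QTD" "$IP_CENTRAL_SIP" | msmtp -t "$EMAIL"
done <<< "$NOVO_BLOQUEIO_SIP"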