Gentoo blacklist.py init Script

3 Jun, 2008  How-To, Linux

I have several servers which run an assortment of http, svn, ssh, and ftp services. One of the largest annoyances are automated breaking scripts pounding my services. Recently, I have been looking into blacklist.py: a handy python script written by Reto Glauser, which monitors syslog-ng logs looking for possible break-in attempts. The script uses iptables to block future traffic from suspicious IP's for a specified amount of time.

After I got the script setup and running I wanted a Gentoo init script that would automatically start the script on boot. After reading through some examples in my /etc/init.d/ directory I seem to have managed to cook up something that works:

PLAIN TEXT


CODE:





    

  1. 

    #!/sbin/runscript
    

    2. 

  2. 

    # blacklist is free software; you can redistribute it and/or modify
    

    3. 

  3. 

    # it under the terms of the GNU General Public License as published by
    

    4. 

  4. 

    # the Free Software Foundation; either version 2 of the License, or
    

    5. 

  5. 

    # (at your option) any later version.
    

    6. 

  6. 

    #
    

    7. 

  7. 

    # blacklist is distributed in the hope that it will be useful,
    

    8. 

  8. 

    # but WITHOUT ANY WARRANTY; without even the implied warranty of
    

    9. 

  9. 

    # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
    

    10. 

  10. 

    # GNU General Public License for more details.
    

    11. 

  11. 

    #
    

    12. 

  12. 

    # Copyright: Dustin Thomson
    

    13. 

  13. 

    # Homepage: http://dustint.com
    

    14. 

  14. 

    # Date: 2008-06-03
    

    15. 

  15. 

    # Version 0.0.1
    

    16. 

  16. 

     
    

    17. 

  17. 

    EXEC=/usr/sbin/blacklist
    

    18. 

  18. 

    PID=/var/run/blacklist.pid
    

    19. 

  19. 

     
    

    20. 

  20. 

    depend(){
    

    21. 

  21. 

            need net
    

    22. 

  22. 

    }
    

    23. 

  23. 

     
    

    24. 

  24. 

    checkconfig(){
    

    25. 

  25. 

            if [ ! -e /usr/sbin/blacklist ] ; then
    

    26. 

  26. 

                    eerror "blacklist not found in /usr/sbin/blacklist"
    

    27. 

  27. 

                    return 1
    

    28. 

  28. 

            fi
    

    29. 

  29. 

    }
    

    30. 

  30. 

     
    

    31. 

  31. 

    start() {
    

    32. 

  32. 

            checkconfig || return 1
    

    33. 

  33. 

            ebegin "Starting Blacklist"
    

    34. 

  34. 

            $EXEC &
    

    35. 

  35. 

            eend $?
    

    36. 

  36. 

    }
    

    37. 

  37. 

     
    

    38. 

  38. 

    stop()  {
    

    39. 

  39. 

            ebegin "Stopping Blacklist"
    

    40. 

  40. 

            start-stop-daemon --stop --retry 20 --quiet --pidfile $PID
    

    41. 

  41. 

            eend $?
    

    42. 

  42. 

    } 
    

    43.

Alternatively, for those with wget, cd into /etc/init.d/ and:

wget http://dustint.com/wp-content/uploads/2008/06/blacklist
chmod +x blacklist

I have placed blacklist.py in /usr/sbin/ and renamed it to simply blacklist

Reto also hosts a handy "stage-4" backup script which can create a full backup of your filesystem.

Leave a comment

Name: (Required)

eMail: (Required)

Website:

Comment: