Gentoo blacklist.py init Script
I have several servers which run an assortment of http, svn, ssh, and ftp services. One of the largest annoyances are automated breaking scripts pounding my services. Recently, I have been looking into blacklist.py: a handy python script written by Reto Glauser, which monitors syslog-ng logs looking for possible break-in attempts. The script uses iptables to block future traffic from suspicious IP’s for a specified amount of time.
After I got the script setup and running I wanted a Gentoo init script that would automatically start the script on boot. After reading through some examples in my /etc/init.d/ directory I seem to have managed to cook up something that works:
#!/sbin/runscript # blacklist is free software; you can redistribute it and/or modify # it under the terms of the GNU General Public License as published by # the Free Software Foundation; either version 2 of the License, or # (at your option) any later version. # # blacklist is distributed in the hope that it will be useful, # but WITHOUT ANY WARRANTY; without even the implied warranty of # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # GNU General Public License for more details. # # Copyright: Dustin Thomson # Homepage: http://dustint.com # Date: 2008-06-03 # Version 0.0.1 EXEC=/usr/sbin/blacklist PID=/var/run/blacklist.pid depend(){ need net } checkconfig(){ if [ ! -e /usr/sbin/blacklist ] ; then eerror "blacklist not found in /usr/sbin/blacklist" return 1 fi } start() { checkconfig || return 1 ebegin "Starting Blacklist" $EXEC & eend $? } stop() { ebegin "Stopping Blacklist" start-stop-daemon --stop --retry 20 --quiet --pidfile $PID eend $? }
Alternatively, for those with wget, cd into /etc/init.d/ and:
wget http://dustint.com/wp-content/uploads/2008/06/blacklist
chmod +x blacklist
I have placed blacklist.py in /usr/sbin/ and renamed it to simply blacklist
Reto also hosts a handy “stage-4” backup script which can create a full backup of your filesystem.