Gentoo blacklist.py init Script

I have several servers which run an assortment of http, svn, ssh, and ftp services. One of the largest annoyances are automated breaking scripts pounding my services. Recently, I have been looking into blacklist.py: a handy python script written by Reto Glauser, which monitors syslog-ng logs looking for possible break-in attempts. The script uses iptables to block future traffic from suspicious IP’s for a specified amount of time.

After I got the script setup and running I wanted a Gentoo init script that would automatically start the script on boot. After reading through some examples in my /etc/init.d/ directory I seem to have managed to cook up something that works:

#!/sbin/runscript
# blacklist is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation; either version 2 of the License, or
# (at your option) any later version.
#
# blacklist is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
# GNU General Public License for more details.
#
# Copyright: Dustin Thomson
# Homepage: http://dustint.com
# Date: 2008-06-03
# Version 0.0.1

EXEC=/usr/sbin/blacklist
PID=/var/run/blacklist.pid

depend(){
        need net
}

checkconfig(){
        if [ ! -e /usr/sbin/blacklist ] ; then
                eerror "blacklist not found in /usr/sbin/blacklist"
                return 1
        fi
}

start() {
        checkconfig || return 1
        ebegin "Starting Blacklist"
        $EXEC &
        eend $?
}

stop()  {
        ebegin "Stopping Blacklist"
        start-stop-daemon --stop --retry 20 --quiet --pidfile $PID
        eend $?
}

Alternatively, for those with wget, cd into /etc/init.d/ and:

wget http://dustint.com/wp-content/uploads/2008/06/blacklist
chmod +x blacklist

I have placed blacklist.py in /usr/sbin/ and renamed it to simply blacklist

Reto also hosts a handy “stage-4” backup script which can create a full backup of your filesystem.