#!/usr/bin/perl -w
##
## fwtool.pl
##
## Made by tab
## Login <tab@crans.org>
##
## Started on Sun Dec 2 19:11:06 2001 tab
## Last update dim 03 fév 2002 21:17:55 CET Nicolas STRANSKY
##
use strict;
# Input files for the two rule generators:
#   $paireipmac - whitespace-separated "MAC IP" pairs, read by mac()
#   $blacklist  - "address:port,port # comment" entries, read by blacklist()
# Both files end up as iptables arguments, so whoever can write to them
# controls firewall rules; keep their permissions as tight as this script's.
my $paireipmac = '/CRANS/generated/ether/pairesMAC-IP.txt';
my $blacklist  = '/CRANS/confs/blacklist.cf';
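# Run /sbin/iptables with the rule fragment given in $string.
#
# $string is a whitespace-separated iptables argument list, for example
# "-A LIST -s 10.0.0.1 -j BLACKLIST".  It is split into words and handed to
# system() in list form, so no shell parses it: text that originated in a
# data file cannot start a second command through ';', backticks, '$(...)'
# or an embedded newline.  Shell quoting inside $string is consequently not
# interpreted either; callers pass plain words only.
#
# Returns the wait status from system() (0 on success), as the original
# single-string call did.  A non-zero status is reported on STDERR so that a
# rule which was not installed does not go unnoticed.
sub iptables
{
    my ($string) = @_;

    # split ' ' drops leading/trailing whitespace and any stray newline.
    my @args = split ' ', (defined $string ? $string : '');

    # The indirect-object form never falls back to /bin/sh, even when @args
    # is empty or has a single element.
    my $status = system { '/sbin/iptables' } '/sbin/iptables', @args;
    if ($status != 0) {
        warn "fwtool: '/sbin/iptables @args' failed (wait status $status)\n";
    }
    return $status;
}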
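# Append one MAC-filter ACCEPT rule per "MAC IP" pair found in $paireipmac.
#
# Each line is expected to hold a MAC address and an IPv4 address separated
# by whitespace; any further fields are ignored.  The rule is appended to the
# chain "S<n>", where <n> is the third octet of the IP address.
#
# Both fields are validated before they are placed in a rule, so a damaged or
# tampered line can neither smuggle extra iptables options nor reach the
# command line at all; such lines are reported and skipped.  Dies if the
# pairs file cannot be opened, because silently loading no MAC rules would
# leave the filter in an unknown state.
sub mac
{
    open(my $pairs, '<', $paireipmac)
        or die "fwtool: cannot open $paireipmac: $!\n";

    while (my $line = <$pairs>) {
        my ($mac, $ip) = (split " ", $line)[0,1];

        # Blank lines carry no pair; skip them quietly.
        next unless defined $mac;

        # --mac-source takes six colon-separated hex octets.
        my $mac_ok = $mac =~ /\A[0-9A-Fa-f]{2}(?::[0-9A-Fa-f]{2}){5}\z/;

        # The third octet of the dotted quad selects the target chain.
        my ($ipclass) = defined $ip
            ? $ip =~ /\A\d{1,3}\.\d{1,3}\.(\d{1,3})\.\d{1,3}\z/
            : ();

        unless ($mac_ok && defined $ipclass) {
            warn "fwtool: $paireipmac line $.: malformed MAC/IP pair skipped\n";
            next;
        }

        iptables("-A S".$ipclass." -s ".$ip." -m mac --mac-source ".$mac." -j ACCEPT");
    }
    close($pairs);
}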
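# Load the entries of $blacklist into the LIST and BLACKLIST chains.
#
# Line format: "address[:port[,port...]]", optionally followed by
# "# comment".  For every entry a rule is appended to chain LIST that sends
# traffic from that source to chain BLACKLIST, and for every listed port a
# tcp ACCEPT rule for that source and destination port is appended to
# BLACKLIST.
#
# Fixes over the earlier version:
#  - the line is chomped, so the trailing newline of an uncommented line no
#    longer ends up inside the last port (or the address) of the rule;
#  - whitespace-only and comment-only lines are skipped;
#  - address and ports are checked against a conservative character set and
#    may not start with '-', so file content cannot inject extra iptables
#    options or shell syntax; a bad entry is reported and skipped as a whole;
#  - the file is opened with three-argument open and a failure is fatal
#    instead of silently loading nothing.
sub blacklist
{
    open(my $list, '<', $blacklist)
        or die "fwtool: cannot open $blacklist: $!\n";

    ENTRY:
    while (my $line = <$list>) {
        chomp $line;

        # Keep only the text in front of the first '#'.
        my ($entry) = (split "#", $line)[0];
        next ENTRY unless defined $entry && $entry =~ /\S/;

        my ($raw_ip, $raw_ports) = (split ":", $entry);

        # Address: IPv4 address, network with /mask, or host name.
        my ($ip) = defined $raw_ip
            ? $raw_ip =~ /\A\s*([A-Za-z0-9][A-Za-z0-9.\/_-]*)\s*\z/
            : ();
        unless (defined $ip) {
            warn "fwtool: $blacklist line $.: invalid address, entry skipped\n";
            next ENTRY;
        }

        # Ports: numbers or service names; validate all before adding rules
        # so an entry is never applied halfway.
        my @ports;
        foreach my $raw (defined $raw_ports ? split(",", $raw_ports) : ()) {
            my ($port) = $raw =~ /\A\s*([A-Za-z0-9][A-Za-z0-9_-]*)\s*\z/;
            unless (defined $port) {
                warn "fwtool: $blacklist line $.: invalid port, entry skipped\n";
                next ENTRY;
            }
            push @ports, $port;
        }

        iptables("-A LIST -s ".$ip." -j BLACKLIST");
        foreach my $port (@ports) {
            iptables("-A BLACKLIST -p tcp -s ".$ip." --dport ".$port." -j ACCEPT");
        }
    }
    close($list);
}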
# Command-line dispatch: exactly one argument selects the rule set to load.
# Any other argument count exits with status 1 without a message; a mode
# name that is not listed here falls through and the script ends normally.
exit(1) unless @ARGV == 1;

my %handler_for = (
    blacklist => \&blacklist,
    mac       => \&mac,
);

my $handler = $handler_for{ $ARGV[0] };
$handler->() if $handler;