LILiK
/
openwrt-packages-dist
5
0
Fork 0
Code Issues 0 Pull Requests 0 Projects 0 Releases 0 Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
27263 Commits
1 Branch
46 MiB
Tree: c4d8769c8a
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from 'c4d8769c8a'
${ noResults }
openwrt-packages-dist/net/crowdsec-firewall-bouncer/files/crowdsec-firewall-bouncer.i...

69 lines
1.4 KiB
Raw Normal View History

crowdsec-firewall-bouncer: initial package v0.0.15 /net/crowdsec-firewall-bouncer/ crowdsec-firewall-bouncer will fetch new and old decisions from a CrowdSec API to add them in a blocklist used by supported firewalls. Signed-off-by: Kerma Gérald <gandalf@gk2.net>
3 years ago
crowdsec-firewall-bouncer: fix name in initd to start the process crowdsec rename the binary from crowdsec-firewall-bouncer to cs-firewall-bouncer the initd need the correct binary name to start the process the link for github source need also to be fixed (only the information one) fix the BuildDate updated copyright Signed-off-by: Kerma Gérald <gandalf@gk2.net>
3 years ago
crowdsec-firewall-bouncer: initial package v0.0.15 /net/crowdsec-firewall-bouncer/ crowdsec-firewall-bouncer will fetch new and old decisions from a CrowdSec API to add them in a blocklist used by supported firewalls. Signed-off-by: Kerma Gérald <gandalf@gk2.net>
3 years ago
crowdsec-firewall-bouncer: fix name in initd to start the process crowdsec rename the binary from crowdsec-firewall-bouncer to cs-firewall-bouncer the initd need the correct binary name to start the process the link for github source need also to be fixed (only the information one) fix the BuildDate updated copyright Signed-off-by: Kerma Gérald <gandalf@gk2.net>
3 years ago
crowdsec-firewall-bouncer: initial package v0.0.15 /net/crowdsec-firewall-bouncer/ crowdsec-firewall-bouncer will fetch new and old decisions from a CrowdSec API to add them in a blocklist used by supported firewalls. Signed-off-by: Kerma Gérald <gandalf@gk2.net>
3 years ago
 
  1. #!/bin/sh /etc/rc.common
  2. # Copyright (C) 2021-2022 Gerald Kerma <gandalf@gk2.net>
  3. 

  4. START=99
  5. USE_PROCD=1
  6. NAME=crowdsec-firewall-bouncer
  7. PROG=/usr/bin/cs-firewall-bouncer
  8. CONFIG=/etc/crowdsec/bouncers/crowdsec-firewall-bouncer.yaml
  9. BACKEND=iptables
  10. VARCONFIGDIR=/var/etc/crowdsec/bouncers
  11. VARCONFIG=/var/etc/crowdsec/bouncers/crowdsec-firewall-bouncer.yaml
  12. FW_BACKEND="iptables"
  13. 

  14. service_triggers() {
  15. 	procd_add_reload_trigger crowdsec-firewall-bouncer
  16. }
  17. 

  18. init_config() {
  19. 	## CheckFirewall
  20. 	iptables="true"
  21. 	which iptables > /dev/null
  22. 	FW_BACKEND=""
  23. 	if [[ $? != 0 ]]; then
  24. 	  echo "iptables is not present"
  25. 	  iptables="false"
  26. 	else
  27. 	  FW_BACKEND="iptables"
  28. 	  echo "iptables found"
  29. 	fi
  30. 

  31. 	nftables="true"
  32. 	which nft > /dev/null
  33. 	if [[ $? != 0 ]]; then
  34. 	  echo "nftables is not present"
  35. 	  nftables="false"
  36. 	else
  37. 	  FW_BACKEND="nftables"
  38. 	  echo "nftables found"
  39. 	fi
  40. 

  41. 	if [ "$nftables" = "true" -a "$iptables" = "true" ]; then
  42. 	  echo "Found nftables(default) and iptables..."
  43. 	fi
  44. 

  45. 	if [ "$FW_BACKEND" = "iptables" ]; then
  46. 	  which ipset > /dev/null
  47. 	  if [[ $? != 0 ]]; then
  48. 	    echo "ipset not found, install it !"
  49. 	  fi
  50. 	fi
  51. 	BACKEND=$FW_BACKEND
  52. 

  53. 	# Create tmp dir & permissions if needed
  54. 	if [ ! -d "${VARCONFIGDIR}" ]; then
  55. 		mkdir -m 0755 -p "${VARCONFIGDIR}"
  56. 	fi;
  57. 

  58. 	cp $CONFIG $VARCONFIG
  59. 

  60. 	sed -i "s,^\(\s*mode\s*:\s*\).*\$,\1$BACKEND," $VARCONFIG
  61. }
  62. 

  63. start_service() {
  64. 	init_config
  65. 

  66. 	procd_open_instance
  67. 	procd_set_param command "$PROG" -c "$VARCONFIG"
  68. 	procd_close_instance
  69. }