firewall_pleroma_rejects.sh: Added option to modify ignorelist.
This commit is contained in:
parent
7d909c603b
commit
11c487216b
|
@ -2,9 +2,15 @@
|
||||||
# Generate nftables rules from the list of rejected instances. The list is
|
# Generate nftables rules from the list of rejected instances. The list is
|
||||||
# fetched from nodeinfo 2.1. masto.host- and CloudFlare-IPs are filtered out.
|
# fetched from nodeinfo 2.1. masto.host- and CloudFlare-IPs are filtered out.
|
||||||
# BE CAREFUL: Some instances may run under a shared IP, you may block more than
|
# BE CAREFUL: Some instances may run under a shared IP, you may block more than
|
||||||
# you want. No warranties and so on.
|
# you want. Watch out for timeouts in the logs. No warranties and so on.
|
||||||
|
|
||||||
# Version: 2019-07-16_2
|
# Version: 2019-07-19_1
|
||||||
|
|
||||||
|
# You can modify the ignore-list in
|
||||||
|
# "${XDG_CONFIG_HOME}/firewall_pleroma_rejects/ignorelist.user",
|
||||||
|
# "${HOME}/.config/firewall_pleroma_rejects/ignorelist.user" or
|
||||||
|
# "${HOME}/.firewall_pleroma_rejects/ignorelist.user". The file will get sourced
|
||||||
|
# in gen_rule() right after ${ignorelist} is defined.
|
||||||
|
|
||||||
# Before you run this script for the first time, run:
|
# Before you run this script for the first time, run:
|
||||||
# nft add table inet fediverse
|
# nft add table inet fediverse
|
||||||
|
@ -92,6 +98,11 @@ function gen_rule() # Generates rule for IP if it is not in ignorelist.
|
||||||
"^2602:ffdb:100:1:" # Shared IP: pleroma.site,
|
"^2602:ffdb:100:1:" # Shared IP: pleroma.site,
|
||||||
"^172\.93\.5\.40$" # juche.town
|
"^172\.93\.5\.40$" # juche.town
|
||||||
)
|
)
|
||||||
|
# Read and apply user modifications to ignorelist.
|
||||||
|
local extra_ignores="$(get_config_dir)/ignorelist.user"
|
||||||
|
if [[ -e "${extra_ignores}" ]]; then
|
||||||
|
source ${extra_ignores}
|
||||||
|
fi
|
||||||
|
|
||||||
for ignore in ${ignorelist}; do
|
for ignore in ${ignorelist}; do
|
||||||
if [[ "${ip}" =~ "${ignore}" ]]; then
|
if [[ "${ip}" =~ "${ignore}" ]]; then
|
||||||
|
@ -106,6 +117,19 @@ function gen_rule() # Generates rule for IP if it is not in ignorelist.
|
||||||
fi
|
fi
|
||||||
}
|
}
|
||||||
|
|
||||||
|
function get_config_dir()
|
||||||
|
{
|
||||||
|
local name="firewall_pleroma_rejects"
|
||||||
|
|
||||||
|
if [[ -d "${XDG_CONFIG_HOME}/${name}" ]]; then
|
||||||
|
echo "${XDG_CONFIG_HOME}/${name}"
|
||||||
|
elif [[ -d "${HOME}/.config/${name}" ]]; then
|
||||||
|
echo "${HOME}/.config/${name}"
|
||||||
|
else
|
||||||
|
echo "${HOME}/.${name}"
|
||||||
|
fi
|
||||||
|
}
|
||||||
|
|
||||||
function main()
|
function main()
|
||||||
{
|
{
|
||||||
local instance="${1}"
|
local instance="${1}"
|
||||||
|
|
Loading…
Reference in New Issue