mirror of https://github.com/tLDP/LDP
39 lines
1.4 KiB
Bash
39 lines
1.4 KiB
Bash
#!/bin/bash
|
|
# ip-addresses.sh
|
|
# List the IP addresses your computer is connected to.
|
|
|
|
# Inspired by Greg Bledsoe's ddos.sh script,
|
|
# Linux Journal, 09 March 2011.
|
|
# URL:
|
|
# http://www.linuxjournal.com/content/back-dead-simple-bash-complex-ddos
|
|
# Greg licensed his script under the GPL2,
|
|
#+ and as a derivative, this script is likewise GPL2.
|
|
|
|
connection_type=TCP # Also try UDP.
|
|
field=2 # Which field of the output we're interested in.
|
|
no_match=LISTEN # Filter out records containing this. Why?
|
|
lsof_args=-ni # -i lists Internet-associated files.
|
|
# -n preserves numerical IP addresses.
|
|
# What happens without the -n option? Try it.
|
|
router="[0-9][0-9][0-9][0-9][0-9]->"
|
|
# Delete the router info.
|
|
|
|
lsof "$lsof_args" | grep $connection_type | grep -v "$no_match" |
|
|
awk '{print $9}' | cut -d : -f $field | sort | uniq |
|
|
sed s/"^$router"//
|
|
|
|
# Bledsoe's script assigns the output of a filtered IP list,
|
|
# (similar to lines 19-22, above) to a variable.
|
|
# He checks for multiple connections to a single IP address,
|
|
# then uses:
|
|
#
|
|
# iptables -I INPUT -s $ip -p tcp -j REJECT --reject-with tcp-reset
|
|
#
|
|
# ... within a 60-second delay loop to bounce packets from DDOS attacks.
|
|
|
|
|
|
# Exercise:
|
|
# --------
|
|
# Use the 'iptables' command to extend this script
|
|
#+ to reject connection attempts from well-known spammer IP domains.
|