mirror of
https://github.com/pavel-odintsov/fastnetmon.git
synced 2024-09-21 02:17:16 +00:00
Removed attack_details actions from all scripts as we removed this active while ago
This commit is contained in:
parent
964f1f1e3f
commit
1faae9e401
@ -53,7 +53,7 @@ if action == "unban":
|
||||
|
||||
sys.exit(0)
|
||||
|
||||
elif action == "ban" or action == "attack_details":
|
||||
elif action == "ban":
|
||||
|
||||
r = axapi_action(mitigator_base_url+ddos_dst_zone_path, method='GET', signature=signature)
|
||||
try:
|
||||
|
@ -11,7 +11,7 @@
|
||||
|
||||
email_notify="please_fix_this_email@domain.com"
|
||||
|
||||
# For ban and attack_details actions we will receive attack details to stdin
|
||||
# For ban action we will receive attack details to stdin
|
||||
# Please do not remove "cat" command because
|
||||
# FastNetMon will crash in this case as it expects read of data from script side
|
||||
#
|
||||
|
@ -73,18 +73,6 @@ elif action == "ban":
|
||||
body = "".join(sys.stdin.readlines())
|
||||
mail(subject, body)
|
||||
|
||||
sys.exit(0)
|
||||
elif action == "attack_details":
|
||||
subject = "Fastnetmon Community: IP %(client_ip_as_string)s blocked because %(data_direction)s attack with power %(pps_as_string)d pps" % {
|
||||
'client_ip_as_string': client_ip_as_string,
|
||||
'data_direction': data_direction,
|
||||
'pps_as_string' : pps_as_string,
|
||||
'action' : action
|
||||
}
|
||||
body = "".join(sys.stdin.readlines())
|
||||
|
||||
|
||||
mail(subject, body)
|
||||
sys.exit(0)
|
||||
else:
|
||||
sys.exit(0)
|
||||
|
@ -31,10 +31,6 @@ if [ "$fastnetmon_action" = "ban" ]; then
|
||||
# Read data from stdin
|
||||
cat > /dev/null
|
||||
color="14425373"
|
||||
elif [ "$fastnetmon_action" = "attack_details" ]; then
|
||||
# Read data from stdin
|
||||
cat > /dev/null
|
||||
color="16765184"
|
||||
elif [ "$fastnetmon_action" = "unban" ]; then
|
||||
color="3857437"
|
||||
else
|
||||
|
@ -21,12 +21,12 @@
|
||||
# Redhat: yum install bind-utils
|
||||
|
||||
#
|
||||
# For ban and attack_details actions we will receive attack details to stdin
|
||||
# For ban action we will receive attack details to stdin
|
||||
# Please do not remove the following command because
|
||||
# FastNetMon will crash in this case (it expect read of data from script side).
|
||||
#
|
||||
|
||||
if [ "$4" = "ban" ] || [ "$4" = "attack_details" ]; then
|
||||
if [ "$4" = "ban" ]; then
|
||||
fastnetmon_output=$(</dev/stdin)
|
||||
fi
|
||||
|
||||
@ -51,8 +51,6 @@ slack_action=${4}
|
||||
function slackalert () {
|
||||
if [ ! -z $slack_url ] && [ "$slack_action" = "ban" ]; then
|
||||
local slack_color="danger"
|
||||
elif [ ! -z $slack_url ] && [ "$slack_action" = "attack_details" ]; then
|
||||
local slack_color="warning"
|
||||
elif [ ! -z $slack_url ] && [ "$slack_action" = "unban" ]; then
|
||||
local slack_color="good"
|
||||
else
|
||||
@ -79,11 +77,3 @@ if [ "$4" = "ban" ]; then
|
||||
# iptables -A INPUT -d $1 -j DROP
|
||||
exit 0
|
||||
fi
|
||||
|
||||
if [ "$4" = "attack_details" ]; then
|
||||
# Email Alert:
|
||||
echo "${fastnetmon_output}" | mail -s "FastNetMon Analysis: IP $1 blocked because of $2 attack with power $3 pps" $email_notify;
|
||||
# Slack Alert:
|
||||
slackalert
|
||||
exit 0
|
||||
fi
|
||||
|
Loading…
Reference in New Issue
Block a user