#!/usr/bin/perl $sendmail = '/usr/sbin/sendmail'; $count = '/usr/local/etc/ipfw/count.txt'; $mailto = 'hogehoge@ponyo.jp'; $mailfrom = 'ipfw@ponyo.jp'; $mail_title = 'IPFW Set'; $times = 1; $setip = $ARGV[0]; $host = $ARGV[1]; $bbs = $ARGV[2]; $host = gethostbyaddr(pack("C4", split(/\./, $setip)), 2); $j = 0; $list = `/sbin/ipfw -a list`; $list =~ s/ / /g; $list =~ s/ / /g; $list =~ s/\n/:\n/g; $status = 'It is already.'; @item = split(/:/,$list); $Tcount = @item; while($Tcount>$j+1){ @iitem = split(/ /,$item[$j]); if($iitem[0] !~ /65000|65535/){ $max = $iitem[0]; } $j++; } $max =~ s/\n//; $max +=1; if ($max <10000){ $max = 10000; } #print "MAX=$max\n"; if ($host =~ /google|yahoo|rk8.com|cds|docomo|ezweb|softbank|emobile/){ $status = "Disabled HOST"; }else{ $IPi = $IPj = $IPmatch = 0; $ILtime = time(); open (FILE,"+<$count"); flock(FILE,2); @IPdata = ; $IPmax = @IPdata; # 0=IP,1=時間,2=回数　$IPの中味は 000.000.000.000:123456790:xx while($IPi<$IPmax){ @IPdata[$IPi] =~ /\n/; ($Flag,$Fip,$Ftime,$Fcount,$Fho) = split(/:/,@IPdata[$IPi]); if ($Fip eq $setip){ $IPmatch = 1; $Fcount ++; if (($Fcount > 2) && ($list !~ /$setip/)){ `/sbin/ipfw add $max deny tcp from $setip to any `; $status = 'Added to the list.'; &sendmail; } } if (($Ftime + 60) > $ILtime){ @ILdata[$IPj] = "A$IPj:$Fip:$Ftime:$Fcount:$Fho"; $IPj ++; } $IPi ++; } if (($IPmax eq 0) || ($IPmatch eq 0)){ @ILdata[$IPj] = "N$IPj:$setip:$ILtime:1:$Pho\n"; } truncate(FILE, 0); seek(FILE, 0, 0); print FILE @ILdata; flock(FILE,8); close (FILE); } exit; sub sendmail{ if (open(MAIL,"| $sendmail $mailto")) { print MAIL "To: $mailto\r\n"; print MAIL "From: $mailfrom\r\n"; print MAIL "Subject: $mail_title [$bbs]\r\n"; print MAIL "MIME-Version: 1.0\r\n"; print MAIL "Content-type: text/plain; charset=ISO-2022-JP\r\n"; print MAIL "Content-Transfer-Encoding: 7bit\r\n"; print MAIL "X-Mailer: $script\r\n\r\n"; print MAIL "Status= : $status\r\n"; print MAIL "IP= : $setip\r\n"; print MAIL "HOST= : $host\r\n"; print MAIL "Count= : $max\n"; close(MAIL); } }