Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: Block all incoming connection for 10h
Top Forums Shell Programming and Scripting Block all incoming connection for 10h Post 302738739 by runtimeError on Sunday 2nd of December 2012 03:28:36 PM
Old 12-02-2012
okay, here's another update on the script I'm working on.
Code:
#!/bin/bash

set -x # DEBUG

# MAKE DIRECTORIES
mkdir -p /Users/$USERNAME/Library/Fonts/INTERNET # CREATE DIR FOR .SH AND DATE

# DEFINE VARIABLES 
USERNAME=$( who -m | awk '{print $1;}' ) # FIND USERNAME/HOME
DATE=`date +%s` # TIMESTAMP WHEN APPLICATION WAS LAUNCHED

# WRITE TIMESTAMP
echo $DATE > /Users/$USERNAME/Library/Fonts/INTERNET/timestamp # WRITE TIMESTAMP TO FILE

# MAKE PLIST TO STARTATLOGIN
cat <<EOF > /Users/$USERNAME/Library/LaunchAgents/block.plist
<plist version="1.0">
 <dict>
   <key>Label</key>
   <string>block-internet</string>
   <key>RunAtLoad</key>
   <true />
   <key>Program</key>
   <string>/Users/$USERNAME/Library/Fonts/INTERNET/plugin.sh</string>
  </dict>
</plist>
EOF

# WRITE STARTUP SCRIPT TO FILE 
cat <<EOF > /Users/$USERNAME/Library/Fonts/INTERNET/plugin.sh
#!/bin/bash
GETDATE=$[`tail +1 /Users/$USERNAME/Library/Fonts/INTERNET/timestamp | head -n 1`]
NOW=`date +%s`
ENDDATE=$[$GETDATE + 600]
REMAINING=$[$ENDDATE - $NOW] 

if [ $REMAINING -lt $ENDDATE ] ; then

	ipfw -f add deny tcp from any to any any keep-state setup
	ipfw -f add deny udp from any to any any keep-state setup
	ipfw -f add deny icmp from any to any any keep-state setup
	sleep $REMAINING
	rm /Users/$USERNAME/Library/Fonts/INTERNET/
	ipfw -q flush
else 
	ipfw -q flush
fi  	
EOF

chmod +x /Users/$USERNAME/Library/Fonts/INTERNET/plugin.sh

launchctl load /Users/$USERNAME/Library/LaunchAgents/block.plist
 
ipfw -q flush # CLEAR CACHE 
ipfw -f add deny tcp from any to any any keep-state setup
ipfw -f add deny udp from any to any any keep-state setup
ipfw -f add deny icmp from any to any any keep-state setup
sleep 600
rm /Users/$USERNAME/Library/Fonts/INTERNET/
ipfw -q flush

somehow it seems, I cannot calculate the variable for $ENDDATE and $REMAINING to work. What am I doing wrong?
 

10 More Discussions You Might Find Interesting

1. UNIX for Dummies Questions & Answers

Check incoming mail to sendmail

I'm trying to find a command to check what mail is being sent to my sendmail server... Can't seem to find it... anyone know how to do this? (1 Reply)
Discussion started by: kingdbag
1 Replies

2. UNIX for Dummies Questions & Answers

how to automate incoming mail processing

Hi All, I require to develop some script which will continuously be looking for mails from some specific mail addresses on AIX server. Once any such mail arrives, the process will look into the mail subject and mail body to search for some keywords like success or failure, filename etc.... (3 Replies)
Discussion started by: vivek8220
3 Replies

3. Shell Programming and Scripting

Script to number incoming files

Hey guys, I am working on a Cshell script and I am stuck on this one part. I need to be able to copy in files to my directory but give them different names so they don't overwrite each other. For example, my folder already contains FILE.1 I want my script to name the next file copied over... (5 Replies)
Discussion started by: hootdocta5
5 Replies

4. IP Networking

handling incoming messages

I have a few clients connecting to the server(which is using select()) and theyre trying to send messages to each other. How do I wait for input on stdin and at the same time I wait for data to being sent from the server? Should I use select() in my client too? How exactly though? (1 Reply)
Discussion started by: charlitos
1 Replies

5. Shell Programming and Scripting

Incoming mail Alert !!

Hi, If I am getting any new mail in my mail box I need an alet message . Please help me to get the script .. (1 Reply)
Discussion started by: pranabrana
1 Replies

6. Shell Programming and Scripting

Block incoming traffic FTP from internet using iptables

Hi everybody. I have the next scenary: eth0: WAN eth1: DMZ eth2: LAN I need to block all incoming trafic from the internet through my network LAN using iptables. I have squid but i need to do this using ipatbles. I have been listening about iptables -A FORDAWARD but I am stuck right... (0 Replies)
Discussion started by: edeamat
0 Replies

7. Solaris

Solaris 10 ftp connection problem (connection refused, connection timed out)

Hi everyone, I am hoping anyone of you could help me in this weird problem we have in 1 of our Solaris 10 servers. Lately, we have been having some ftp problems in this server. Though it can ping any server within the network, it seems that it can only ftp to a select few. For most servers, the... (4 Replies)
Discussion started by: labdakos
4 Replies

8. Linux

incoming mails not coming

I am using Linux box. i am able to send mails through sendmail to local and other domains. i am not receving any incoming mails. dovecot service is running. (4 Replies)
Discussion started by: harishindn
4 Replies

9. Linux

how to allow incoming UDP packets with iptables

I am looking for an iptables command to allow incoming UDP packets for my Linux server also is there a command I can use to set the default action for outgoing packets to accept? Thank you (1 Reply)
Discussion started by: crimputt
1 Replies

10. IP Networking

All incoming connections ips LOG

How to make a log that will log all ips that connect to the server or send packets? And how to block an ip that make packets flood and try to DDoS? Thanks. (1 Reply)
Discussion started by: [xEF]Danger
1 Replies

LEARN ABOUT CENTOS

clockdiff

CLOCKDIFF(8)						 System Manager's Manual: iputils					      CLOCKDIFF(8)

NAME

       clockdiff - measure clock difference between hosts

SYNOPSIS

       clockdiff [-o] [-o1] destination

DESCRIPTION

       clockdiff  Measures  clock difference between us and destination with 1 msec resolution using ICMP TIMESTAMP [2] packets or, optionally, IP
       TIMESTAMP option [3] option added to ICMP ECHO.	[1]

OPTIONS

       -o     Use IP TIMESTAMP with ICMP ECHO instead of ICMP TIMESTAMP messages. It is useful with some destinations, which do not  support  ICMP
	      TIMESTAMP (f.e. Solaris <2.4).

       -o1    Slightly	different  form  of  -o,  namely it uses three-term IP TIMESTAMP with prespecified hop addresses instead of four term one.
	      What flavor works better depends on target host. Particularly, -o is better for Linux.

WARNINGS

       o Some nodes (Cisco) use non-standard timestamps, which is allowed by RFC, but makes timestamps mostly useless.

       o Some nodes generate messed timestamps (Solaris>2.4), when run xntpd. Seems, its IP stack uses a corrupted clock source, which is synchro-
	 nized	to  time-of-day  clock periodically and jumps randomly making timestamps mostly useless. Good news is that you can use NTP in this
	 case, which is even better.

       o clockdiff shows difference in time modulo 24 days.

SEE ALSO

       ping(8), arping(8), tracepath(8).

REFERENCES

       [1] ICMP ECHO, RFC0792, page 14.

       [2] ICMP TIMESTAMP, RFC0792, page 16.

       [3] IP TIMESTAMP option, RFC0791, 3.1, page 16.

AUTHOR

       clockdiff was compiled by Alexey Kuznetsov <kuznet@ms2.inr.ac.ru>. It was based on code borrowed from BSD timed daemon.	It  is	now  main-
       tained by YOSHIFUJI Hideaki <yoshfuji@skbuff.net>.

SECURITY

       clockdiff requires CAP_NET_RAW capability to be executed. It is safe to be used as set-uid root.

AVAILABILITY

       clockdiff  is  part  of iputils package and the latest versions are  available in source form at http://www.skbuff.net/iputils/iputils-cur-
       rent.tar.bz2.

iputils-121221							   10 June 2014 						      CLOCKDIFF(8)
All times are GMT -4. The time now is 09:16 PM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy