diff --git a/ddos-mitigator.conf b/ddos-mitigator.conf index a7ebc54..abcd59e 100644 --- a/ddos-mitigator.conf +++ b/ddos-mitigator.conf @@ -10,7 +10,7 @@ DATABASE_FILE="/path/to/geoip/country-or-city-database.mmdb" # Enable the autopilot for automatically banning IP addresses of the desired countries (see also COUNTRIES option). # Only ban IP addresses with at least AUTOPILOT current connections. If the value is not specified or 0, don't # automatically ban IP addresses, but run in interactive mode. -AUTOPILOT="1" +AUTOPILOT="0" # Defines the subnet size in bytes to be analyzed. Valid values are: # - 8 for class A networks (X.0.0.0/8) diff --git a/ddos-mitigator.sh b/ddos-mitigator.sh index 01689ea..a5b4b80 100755 --- a/ddos-mitigator.sh +++ b/ddos-mitigator.sh @@ -198,24 +198,42 @@ function filter() { mv "${filtered}" "${file}" } +function set_default_values() { + if [[ -z "${autopilot}" ]]; then + autopilot=0 + fi + if [[ -z "${netmask}" ]]; then + netmask=0 + fi + if [[ -z "${jail}" ]]; then + jail="apache-auth" + fi + if [[ -z "${bancountries}" ]]; then + bancountries=("CN") + fi + if [[ -z "${port}" ]]; then + port=443 + fi +} + function parse_config_file() { source "${configfile}" - if [[ -z "${autopilot+x}" ]]; then + if [[ -z "${autopilot}" ]]; then autopilot="${AUTOPILOT}" fi if [[ -z "${bancountries}" ]]; then - bancountries=()${COUNTRIES[@]}) + bancountries=(${COUNTRIES[@]}) fi - if [[ -z "${database+x}" ]]; then + if [[ -z "${database}" ]]; then database="${DATABASE_FILE}" fi - if [[ -z "${jail+x}" ]]; then + if [[ -z "${jail}" ]]; then jail="${JAIL}" fi - if [[ -z "${netmask+x}" ]]; then + if [[ -z "${netmask}" ]]; then netmask="${NETMASK}" fi - if [[ -z "${port+x}" ]]; then + if [[ -z "${port}" ]]; then port="${PORT}" fi } @@ -331,6 +349,9 @@ function parse_command_line_args() { echo "Database '${database}' is not accessible." >&2 exit 1 fi + + # Here, we set the default values for all options that have not been set yet. + set_default_values } ################################################################################ @@ -483,12 +504,12 @@ banlist="${tmpdir}/banlist.txt" touch "${banlist}" # Parse the command line options -autopilot=0 -netmask=0 -jail="apache-auth" -bancountries=("CN") +autopilot= +netmask= +jail= +bancountries= database= -port=443 +port= parse_command_line_args "$@"