Add .editorconfig file and implement dependency check that can be
invoked from the command line.
This commit is contained in:
parent
7328bbac8f
commit
a396d1cf4e
2 changed files with 69 additions and 22 deletions
5
.editorconfig
Normal file
5
.editorconfig
Normal file
|
@ -0,0 +1,5 @@
|
||||||
|
root = true
|
||||||
|
|
||||||
|
[*.sh]
|
||||||
|
indent_size = 4
|
||||||
|
indent_style = tab
|
|
@ -42,6 +42,24 @@ MY_IP="94.199.214.20"
|
||||||
# After this point, no editing is required.
|
# After this point, no editing is required.
|
||||||
start=$(date +%s)
|
start=$(date +%s)
|
||||||
|
|
||||||
|
# Dependencies of this script. Simple array with the following structure:
|
||||||
|
# (command package [...])
|
||||||
|
dependencies=(
|
||||||
|
"sudo" "app-admin/sudo"
|
||||||
|
"python" "dev-lang/python:3.8"
|
||||||
|
"fail2ban-client" "net-analyzer/fail2ban"
|
||||||
|
"cut" "sys-apps/coreutils"
|
||||||
|
"id" "sys-apps/coreutils"
|
||||||
|
"sort" "sys-apps/coreutils"
|
||||||
|
"touch" "sys-apps/coreutils"
|
||||||
|
"tr" "sys-apps/coreutils"
|
||||||
|
"uniq" "sys-apps/coreutils"
|
||||||
|
"grep" "sys-apps/grep"
|
||||||
|
"sponge" "sys-apps/moreutils"
|
||||||
|
"netstat" "sys-apps/net_tools"
|
||||||
|
"getopt" "sys-apps/util-linux"
|
||||||
|
)
|
||||||
|
|
||||||
# These suffixes must be appended to the respective addresses and subnets.
|
# These suffixes must be appended to the respective addresses and subnets.
|
||||||
suffix8="/8"
|
suffix8="/8"
|
||||||
suffix16="/16"
|
suffix16="/16"
|
||||||
|
@ -61,18 +79,40 @@ bold="$(printf '\033[1m')"
|
||||||
reset="$(printf '\033[0m')"
|
reset="$(printf '\033[0m')"
|
||||||
|
|
||||||
# Clean up when the script exits.
|
# Clean up when the script exits.
|
||||||
trap 'sudo -k; rm -r ${tmpdir}' EXIT
|
trap 'sudo -k 2>/dev/null >&2; rm -r ${tmpdir}' EXIT
|
||||||
|
|
||||||
function check_installed() {
|
function is_installed() {
|
||||||
|
which "${1}" 2>/dev/null >&2
|
||||||
|
return $?
|
||||||
|
}
|
||||||
|
|
||||||
|
function print_missing_dependency() {
|
||||||
local command="$1"
|
local command="$1"
|
||||||
local package="$2"
|
local package="$2"
|
||||||
which "${command}" 2>/dev/null >&2
|
|
||||||
local result=$?
|
|
||||||
|
|
||||||
if [[ "${result}" -ne 0 ]] ; then
|
echo "${red}Command ${bold}${command}${reset}${red} not found.${reset} Please install package ${blue}${package}${reset}." >&2
|
||||||
echo "${red}Command ${bold}${command}${reset}${red} not found.${reset} Please install package ${blue}${package}${reset}."
|
}
|
||||||
exit 1
|
|
||||||
|
function check_dependencies() {
|
||||||
|
local arraylength=${#dependencies[@]}
|
||||||
|
local res=
|
||||||
|
local command=
|
||||||
|
local package=
|
||||||
|
# 0: true, all installed; 1: false, at least one command/package missing
|
||||||
|
local all_installed=0
|
||||||
|
|
||||||
|
for (( i=0; i<${arraylength}; i+=2 )) ; do
|
||||||
|
command="${dependencies[$i]}"
|
||||||
|
package="${dependencies[$i+1]}"
|
||||||
|
is_installed "${command}" "${package}"
|
||||||
|
res=$?
|
||||||
|
if [[ $res -ne 0 ]] ; then
|
||||||
|
print_missing_dependency "${command}" "${package}"
|
||||||
|
all_installed=1
|
||||||
fi
|
fi
|
||||||
|
done
|
||||||
|
|
||||||
|
return ${all_installed}
|
||||||
}
|
}
|
||||||
|
|
||||||
function print_help() {
|
function print_help() {
|
||||||
|
@ -96,6 +136,12 @@ Usage: $(basename $0) -d FILE [OPTION...]
|
||||||
comma-separated values; defaults to 'CN'
|
comma-separated values; defaults to 'CN'
|
||||||
(China).
|
(China).
|
||||||
|
|
||||||
|
-e, --dependencies Check if all required dependencies are
|
||||||
|
installed. If all dependencies are found,
|
||||||
|
exits with code 0. Otherwise, missing
|
||||||
|
dependencies are printed to stderr and
|
||||||
|
the program terminates with code 1.
|
||||||
|
|
||||||
-j, --jail=JAIL Specify the JAIL to use for banning the IP
|
-j, --jail=JAIL Specify the JAIL to use for banning the IP
|
||||||
addresses.
|
addresses.
|
||||||
Defaults to 'apache-auth'.
|
Defaults to 'apache-auth'.
|
||||||
|
@ -152,7 +198,7 @@ function filter() {
|
||||||
}
|
}
|
||||||
|
|
||||||
function parse_command_line_args() {
|
function parse_command_line_args() {
|
||||||
TEMP=$(getopt -o 'a::,c:,d:,j:,n:,p:,h' -l 'auto::,country:,database:,jail:,netmask:,port:,help' -- "$@")
|
TEMP=$(getopt -o 'a::,c:,d:,e,j:,n:,p:,h' -l 'auto::,country:,database:,dependencies,jail:,netmask:,port:,help' -- "$@")
|
||||||
|
|
||||||
if [ $? -ne 0 ] ; then
|
if [ $? -ne 0 ] ; then
|
||||||
echo 'Error parsing command line options. Terminating. Invoke with --help for help.' >&2
|
echo 'Error parsing command line options. Terminating. Invoke with --help for help.' >&2
|
||||||
|
@ -191,6 +237,10 @@ function parse_command_line_args() {
|
||||||
database="$2"
|
database="$2"
|
||||||
shift
|
shift
|
||||||
;;
|
;;
|
||||||
|
'-e'|'--dependencies')
|
||||||
|
check_dependencies
|
||||||
|
exit $?
|
||||||
|
;;
|
||||||
'-j'|'--jail')
|
'-j'|'--jail')
|
||||||
jail="$2"
|
jail="$2"
|
||||||
shift
|
shift
|
||||||
|
@ -408,19 +458,11 @@ port=443
|
||||||
|
|
||||||
parse_command_line_args "$@"
|
parse_command_line_args "$@"
|
||||||
|
|
||||||
check_installed "sudo" "app-admin/sudo"
|
check_dependencies
|
||||||
check_installed "python" "dev-lang/python:3.8"
|
dependencies_ok=$?
|
||||||
check_installed "fail2ban-client" "net-analyzer/fail2ban"
|
if [[ ${dependencies_ok} -ne 0 ]] ; then
|
||||||
check_installed "cut" "sys-apps/coreutils"
|
exit ${dependencies_ok}
|
||||||
check_installed "id" "sys-apps/coreutils"
|
fi
|
||||||
check_installed "sort" "sys-apps/coreutils"
|
|
||||||
check_installed "touch" "sys-apps/coreutils"
|
|
||||||
check_installed "tr" "sys-apps/coreutils"
|
|
||||||
check_installed "uniq" "sys-apps/coreutils"
|
|
||||||
check_installed "grep" "sys-apps/grep"
|
|
||||||
check_installed "sponge" "sys-apps/moreutils"
|
|
||||||
check_installed "netstat" "sys-apps/net_tools"
|
|
||||||
check_installed "getopt" "sys-apps/util-linux"
|
|
||||||
|
|
||||||
# List already banned addresses in the chosen jail
|
# List already banned addresses in the chosen jail
|
||||||
banned="$(exec_as_root fail2ban-client get "${jail}" banip)"
|
banned="$(exec_as_root fail2ban-client get "${jail}" banip)"
|
||||||
|
|
Loading…
Reference in a new issue