1. Forum
  2. fsxNet
  3. FSX BBS

  • Re: Bink Block

    From Warpslide@21:3/110 to All on Wednesday, November 27, 2024 17:03:18
    On 25 Nov 2024, Warpslide said the following...

    Solution? Block their ass!

    For some reason this person has decided to change the name they use when sending mail with binkp, so updated this script to handle multiple cases:

    #!/bin/bash
    BINKLOG="/path/to/binkd.log"

    BLOCK=(
    "ZYZ John Doe$"
    "ZYZ Jane Doe$"
    "ZYZ j0hnd03$"
    "addr: 1:234/567@fidonet"
    "addr: 21:3/999@fsxnet"
    )

    for i in "${BLOCK[@]}"; do

    # Find the latest log entry matching the pattern
    getpoll=$(tac "$BINKLOG" | grep -m 1 "$i")

    if [[ -n $getpoll ]]; then
    # Extract the PID from the log entry using bash string manipulation
    pollpid="${getpoll#*[}"
    pollpid="${pollpid%%]*}"

    # Find the full log entry associated with the PID
    poll=$(grep "\[$pollpid\] incoming session with" "$BINKLOG")

    ip=$(echo "$poll" | sed -n 's/.*\[\([^]]*\)\]$/\1/p')

    # Extract the IPv4 address from the log entry
    if [[ "$ip" =~ ^([0-9]{1,3}\.){3}[0-9]{1,3}$ ]]; then

    # Convert to CIDR format
    cidr="${ip%.*}.0/24"

    # Check if the CIDR is already in the block4 IP set
    if ! sudo ipset test block4 "$cidr" >/dev/null 2>&1; then
    # Add the CIDR to the block4 IP set and save changes
    sudo ipset add block4 "$cidr"
    sudo ipset save > /etc/iptables/ipsets
    fi
    # Extract the IPv6 address from the log entry
    elif [[ "$ip" =~ ^([0-9a-fA-F]{1,4}:){7}[0-9a-fA-F]{1,4}$ || "$ip" == *"::"* ]]; then

    # Convert to CIDR format
    cidr=`echo "$ip" | cut -d: -f1-4`\:\:\/64

    # Check if the CIDR is already in the block6 IP set
    if ! sudo ipset test block6 "$cidr" >/dev/null 2>&1; then
    # Add the CIDR to the block6 IP set and save changes
    sudo ipset add block6 "$cidr"
    sudo ipset save > /etc/iptables/ipsets
    fi
    fi
    fi
    done


    Since adding these rules on the 25th, I already have three IPv4 address ranges and several hundred hits:

    pkts bytes target prot opt in out source dest
    392 13680 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 match-set block4 src


    Updated version also available at:
    https://nrbbs.net/binkblock.sh.txt


    Jay

    ... What musical instrument is found in the bathroom? A tuba toothpaste

    --- Mystic BBS v1.12 A49 2024/05/29 (Linux/64)
    * Origin: Northern Realms (21:3/110)