send ALERT message about not connected friend - DEFCON 5 & 4 ready
parent
8c2be5f75a
commit
691edc4311
|
@ -41,25 +41,24 @@ touch /tmp/treated.ipfs.swarm
|
|||
touch ~/.zen/A_dead_swarm.txt
|
||||
|
||||
count=1
|
||||
for peerline in $(ipfs swarm peers && cat ~/.zen/A_swarm_map.txt | sort | uniq);
|
||||
for ipfsnodeid in $(ipfs swarm peers | grep -o '[^/]*$' && cat ~/.zen/A_swarm_map.txt | grep -o '[^/]*$' | sort | uniq);
|
||||
do
|
||||
ipfsnodeid=$(echo "$peerline" | awk -F '/' '{print $8}')
|
||||
[[ "$ipfsnodeid" == "" ]] && continue
|
||||
## $ipfsnodeid already Treated ?
|
||||
[[ $(cat /tmp/treated.ipfs.swarm | grep $ipfsnodeid ) ]] && continue
|
||||
[[ $(cat ~/.zen/A_dead_swarm.txt | grep "$ipfsnodeid") ]] && continue
|
||||
|
||||
# Convert ipfsnodeid into g1pub
|
||||
whoisg1=$(~/.zen/astrXbian/zen/tools/ipfs_to_g1.py $ipfsnodeid)
|
||||
|
||||
# control ip isLAN?
|
||||
ip=$(echo "$peerline" | awk -F '/' '{print $3}')
|
||||
peerline=$(cat ~/.zen/A_swarm_map.txt | grep "$ipfsnodeid" | head -n 1)
|
||||
[[ ! $peerline ]] && peerline=$(ipfs swarm peers | grep "$ipfsnodeid")
|
||||
ip=$(cat ~/.zen/A_swarm_map.txt | grep "$ipfsnodeid" | awk -F '/' '{print $3}' | head -n 1)
|
||||
isLAN=$(echo $ip | cut -f3 -d '/' | grep -E "(^127\.)|(^192\.168\.)|(^fd42\:)|(^10\.)|(^172\.1[6-9]\.)|(^172\.2[0-9]\.)|(^172\.3[0-1]\.)|(^::1$)|(^[fF][cCdD])/")
|
||||
|
||||
## $ipfsnodeid already Treated ?
|
||||
[[ $(cat /tmp/treated.ipfs.swarm | grep $ipfsnodeid ) ]] && continue
|
||||
|
||||
nowdate=$(date)
|
||||
|
||||
echo "### ANALYZING $whoisg1 = $ipfsnodeid ($ip) ###"
|
||||
echo "${peerline}"
|
||||
myfriendpeer=$(cat ~/.zen/A_my_swarm.txt | grep $ipfsnodeid )
|
||||
if [[ "$myfriendpeer" != "" ]]; then
|
||||
[[ ! $(ipfs swarm peers | grep $ipfsnodeid) ]] && ipfs swarm connect "$peerline" && ipfs bootstrap add "$peerline"
|
||||
|
@ -69,12 +68,23 @@ do
|
|||
echo "TIMEOUT REACHED ___ REMOVE $ipfsnodeid FROM ~/.zen/A_my_swarm.txt";
|
||||
grep -vEi $ip ~/.zen/A_my_swarm.txt
|
||||
echo $ipfsnodeid > ~/.zen/A_dead_swarm.txt
|
||||
## SEND MESSAGE ABOUT UNREACHABLE FRIEND
|
||||
[[ "$IPFSNODEID" != "$ipfsnodeid" ]] && ~/.zen/astrXbian/zen/jaklis/jaklis.py -k ~/.zen/secret.dunikey send -d $G1PUB -t "ALERT" -m "Impossible de se synchroniser avec $whoisg1"
|
||||
# KEEPING LAST 10 ALERT MESSAGES
|
||||
nbmessage=0
|
||||
for messageid in $(~/.zen/astrXbian/zen/jaklis/jaklis.py -k ~/.zen/secret.dunikey read -n300 -j | jq -r --arg friendKEY "$G1PUB" '.[] | select(.pubkey == $friendKEY)' | jq 'select(.title == "ALERT")' | jq -r '.id')
|
||||
do
|
||||
nbmessage=$((nbmessage+1))
|
||||
[ $nbmessage -gt 10 ] && echo "Delete $nbmessage OLD 'ipfstryme' messages from $whoisg1" && ~/.zen/astrXbian/zen/jaklis/jaklis.py -k ~/.zen/secret.dunikey delete -i $messageid && sleep 0.5
|
||||
done
|
||||
|
||||
fi
|
||||
else
|
||||
[[ -f ~/.zen/DEFCON ]] && export DEFCON=$(cat ~/.zen/DEFCON) || export DEFCON=$(cat ~/.zen/astrXbian/DEFCON) # like in crom_MINUTE.sh
|
||||
echo "!!! NOT MY FRIEND !!! ___________________ # DEFCON : $DEFCON "
|
||||
echo "!!! UNKNOWN FRIEND !!! $ip ___ $ipfsnodeid ________ # DEFCON : $DEFCON "
|
||||
if [[ ( $DEFCON < 5 ) && ! $isLAN ]]
|
||||
then
|
||||
## DEFCON 4
|
||||
### SECURITY CHOICE TO MAKE IN /etc/sudoers ###
|
||||
# $USER ALL=(ALL:ALL) NOPASSWD:ALL
|
||||
# $USER ALL=(ALL:ALL) NOPASSWD:/usr/bin/fail2ban-client
|
||||
|
@ -83,6 +93,12 @@ do
|
|||
sudo fail2ban-client set recidive banip $ip
|
||||
# Show ALL banned IP
|
||||
sudo fail2ban-client status recidive
|
||||
## DEFCON 3
|
||||
# Ban all known ipfsnodeid ip
|
||||
## DEFCON 2
|
||||
# nmap NOT FRIEND
|
||||
## DEFCON 1
|
||||
# DDOS NOT FRIEND
|
||||
fi
|
||||
if [[ ! $isLAN ]]; then
|
||||
ipfs swarm disconnect "$peerline"
|
||||
|
|
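Review bot: A peer that appears in `ipfs swarm peers` but not in `~/.zen/A_swarm_map.txt` reaches the DEFCON branch with an empty `$ip`, because `ip=` is read only from the map file (this assumes the `echo "$peerline" | awk` assignment is the removed side; the page has lost its +/- markers). `isLAN` is then empty as well, so the peer counts as non-LAN and `sudo fail2ban-client set recidive banip $ip` runs with no address. The test `[[ ( $DEFCON < 5 ) && ! $isLAN ]]` is also a string comparison, which an empty `DEFCON` passes when neither DEFCON file exists. A fail-closed form would be `if [[ -n "$ip" && "$DEFCON" =~ ^[1-4]$ && -z "$isLAN" ]]` together with `banip "$ip"`. The loop body starts and ends outside the visible hunks.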