send ALERT message about not connected friend - DEFCON 5 & 4 ready
parent
8c2be5f75a
commit
691edc4311
|
@ -41,25 +41,24 @@ touch /tmp/treated.ipfs.swarm
|
||||||
touch ~/.zen/A_dead_swarm.txt
|
touch ~/.zen/A_dead_swarm.txt
|
||||||
|
|
||||||
count=1
|
count=1
|
||||||
for peerline in $(ipfs swarm peers && cat ~/.zen/A_swarm_map.txt | sort | uniq);
|
for ipfsnodeid in $(ipfs swarm peers | grep -o '[^/]*$' && cat ~/.zen/A_swarm_map.txt | grep -o '[^/]*$' | sort | uniq);
|
||||||
do
|
do
|
||||||
ipfsnodeid=$(echo "$peerline" | awk -F '/' '{print $8}')
|
## $ipfsnodeid already Treated ?
|
||||||
[[ "$ipfsnodeid" == "" ]] && continue
|
[[ $(cat /tmp/treated.ipfs.swarm | grep $ipfsnodeid ) ]] && continue
|
||||||
[[ $(cat ~/.zen/A_dead_swarm.txt | grep "$ipfsnodeid") ]] && continue
|
[[ $(cat ~/.zen/A_dead_swarm.txt | grep "$ipfsnodeid") ]] && continue
|
||||||
|
|
||||||
# Convert ipfsnodeid into g1pub
|
# Convert ipfsnodeid into g1pub
|
||||||
whoisg1=$(~/.zen/astrXbian/zen/tools/ipfs_to_g1.py $ipfsnodeid)
|
whoisg1=$(~/.zen/astrXbian/zen/tools/ipfs_to_g1.py $ipfsnodeid)
|
||||||
|
|
||||||
# control ip isLAN?
|
# control ip isLAN?
|
||||||
ip=$(echo "$peerline" | awk -F '/' '{print $3}')
|
peerline=$(cat ~/.zen/A_swarm_map.txt | grep "$ipfsnodeid" | head -n 1)
|
||||||
|
[[ ! $peerline ]] && peerline=$(ipfs swarm peers | grep "$ipfsnodeid")
|
||||||
|
ip=$(cat ~/.zen/A_swarm_map.txt | grep "$ipfsnodeid" | awk -F '/' '{print $3}' | head -n 1)
|
||||||
isLAN=$(echo $ip | cut -f3 -d '/' | grep -E "(^127\.)|(^192\.168\.)|(^fd42\:)|(^10\.)|(^172\.1[6-9]\.)|(^172\.2[0-9]\.)|(^172\.3[0-1]\.)|(^::1$)|(^[fF][cCdD])/")
|
isLAN=$(echo $ip | cut -f3 -d '/' | grep -E "(^127\.)|(^192\.168\.)|(^fd42\:)|(^10\.)|(^172\.1[6-9]\.)|(^172\.2[0-9]\.)|(^172\.3[0-1]\.)|(^::1$)|(^[fF][cCdD])/")
|
||||||
|
|
||||||
## $ipfsnodeid already Treated ?
|
|
||||||
[[ $(cat /tmp/treated.ipfs.swarm | grep $ipfsnodeid ) ]] && continue
|
|
||||||
|
|
||||||
nowdate=$(date)
|
nowdate=$(date)
|
||||||
|
|
||||||
echo "### ANALYZING $whoisg1 = $ipfsnodeid ($ip) ###"
|
echo "### ANALYZING $whoisg1 = $ipfsnodeid ($ip) ###"
|
||||||
echo "${peerline}"
|
|
||||||
myfriendpeer=$(cat ~/.zen/A_my_swarm.txt | grep $ipfsnodeid )
|
myfriendpeer=$(cat ~/.zen/A_my_swarm.txt | grep $ipfsnodeid )
|
||||||
if [[ "$myfriendpeer" != "" ]]; then
|
if [[ "$myfriendpeer" != "" ]]; then
|
||||||
[[ ! $(ipfs swarm peers | grep $ipfsnodeid) ]] && ipfs swarm connect "$peerline" && ipfs bootstrap add "$peerline"
|
[[ ! $(ipfs swarm peers | grep $ipfsnodeid) ]] && ipfs swarm connect "$peerline" && ipfs bootstrap add "$peerline"
|
||||||
|
@ -69,12 +68,23 @@ do
|
||||||
echo "TIMEOUT REACHED ___ REMOVE $ipfsnodeid FROM ~/.zen/A_my_swarm.txt";
|
echo "TIMEOUT REACHED ___ REMOVE $ipfsnodeid FROM ~/.zen/A_my_swarm.txt";
|
||||||
grep -vEi $ip ~/.zen/A_my_swarm.txt
|
grep -vEi $ip ~/.zen/A_my_swarm.txt
|
||||||
echo $ipfsnodeid > ~/.zen/A_dead_swarm.txt
|
echo $ipfsnodeid > ~/.zen/A_dead_swarm.txt
|
||||||
|
## SEND MESSAGE ABOUT UNREACHABLE FRIEND
|
||||||
|
[[ "$IPFSNODEID" != "$ipfsnodeid" ]] && ~/.zen/astrXbian/zen/jaklis/jaklis.py -k ~/.zen/secret.dunikey send -d $G1PUB -t "ALERT" -m "Impossible de se synchroniser avec $whoisg1"
|
||||||
|
# KEEPING LAST 10 ALERT MESSAGES
|
||||||
|
nbmessage=0
|
||||||
|
for messageid in $(~/.zen/astrXbian/zen/jaklis/jaklis.py -k ~/.zen/secret.dunikey read -n300 -j | jq -r --arg friendKEY "$G1PUB" '.[] | select(.pubkey == $friendKEY)' | jq 'select(.title == "ALERT")' | jq -r '.id')
|
||||||
|
do
|
||||||
|
nbmessage=$((nbmessage+1))
|
||||||
|
[ $nbmessage -gt 10 ] && echo "Delete $nbmessage OLD 'ipfstryme' messages from $whoisg1" && ~/.zen/astrXbian/zen/jaklis/jaklis.py -k ~/.zen/secret.dunikey delete -i $messageid && sleep 0.5
|
||||||
|
done
|
||||||
|
|
||||||
fi
|
fi
|
||||||
else
|
else
|
||||||
[[ -f ~/.zen/DEFCON ]] && export DEFCON=$(cat ~/.zen/DEFCON) || export DEFCON=$(cat ~/.zen/astrXbian/DEFCON) # like in crom_MINUTE.sh
|
[[ -f ~/.zen/DEFCON ]] && export DEFCON=$(cat ~/.zen/DEFCON) || export DEFCON=$(cat ~/.zen/astrXbian/DEFCON) # like in crom_MINUTE.sh
|
||||||
echo "!!! NOT MY FRIEND !!! ___________________ # DEFCON : $DEFCON "
|
echo "!!! UNKNOWN FRIEND !!! $ip ___ $ipfsnodeid ________ # DEFCON : $DEFCON "
|
||||||
if [[ ( $DEFCON < 5 ) && ! $isLAN ]]
|
if [[ ( $DEFCON < 5 ) && ! $isLAN ]]
|
||||||
then
|
then
|
||||||
|
## DEFCON 4
|
||||||
### SECURITY CHOICE TO MAKE IN /etc/sudoers ###
|
### SECURITY CHOICE TO MAKE IN /etc/sudoers ###
|
||||||
# $USER ALL=(ALL:ALL) NOPASSWD:ALL
|
# $USER ALL=(ALL:ALL) NOPASSWD:ALL
|
||||||
# $USER ALL=(ALL:ALL) NOPASSWD:/usr/bin/fail2ban-client
|
# $USER ALL=(ALL:ALL) NOPASSWD:/usr/bin/fail2ban-client
|
||||||
|
@ -83,6 +93,12 @@ do
|
||||||
sudo fail2ban-client set recidive banip $ip
|
sudo fail2ban-client set recidive banip $ip
|
||||||
# Show ALL banned IP
|
# Show ALL banned IP
|
||||||
sudo fail2ban-client status recidive
|
sudo fail2ban-client status recidive
|
||||||
|
## DEFCON 3
|
||||||
|
# Ban all known ipfsnodeid ip
|
||||||
|
## DEFCON 2
|
||||||
|
# nmap NOT FRIEND
|
||||||
|
## DEFCON 1
|
||||||
|
# DDOS NOT FRIEND
|
||||||
fi
|
fi
|
||||||
if [[ ! $isLAN ]]; then
|
if [[ ! $isLAN ]]; then
|
||||||
ipfs swarm disconnect "$peerline"
|
ipfs swarm disconnect "$peerline"
|
||||||
|
|
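Review bot: In the first hunk, `ip` is now read only from `~/.zen/A_swarm_map.txt`, while `peerline` falls back to `ipfs swarm peers` when the map has no entry, so a peer that is connected but absent from the map reaches the DEFCON branch with an empty `$ip`. `isLAN` is then empty too, the peer is treated as non-LAN, and the unquoted `sudo fail2ban-client set recidive banip $ip` in the last hunk runs without an address. Deriving the address from the already resolved line keeps the two values consistent: `ip=$(echo "$peerline" | awk -F '/' '{print $3}' | head -n 1)`, followed by `[[ -z "$ip" ]] && continue` before any ban or disconnect. The fallback `ipfs swarm peers | grep "$ipfsnodeid"` also lacks the `head -n 1` used on the map lookup, so it can pass a multi-line value to `ipfs swarm connect "$peerline"`. The loop body starts and ends outside the visible hunks, so the effect on the friend branch should be checked against the full file.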