Wednesday, January 13, 2010

ERC with iptables

Note that:
1. Use visudo to edit the sudoers file so that the apache user can run iptables.
2. Make sure the iptables service is on:
# chkconfig iptables on
# service iptables restart
# iptables -F
Below is the ERC code using iptables.
<?php
$ban = 1;
$clps = 3; // maximum number of requests allowed per second

// Append the current timestamp to this client's log file
$ip = $_SERVER['REMOTE_ADDR'];
$file = 'erc-logs/erc-'.$ip.'.log';
$in = time()."\n";
$log = fopen($file, 'a');
fwrite($log, $in);
fclose($log);
$list = file($file, FILE_IGNORE_NEW_LINES | FILE_SKIP_EMPTY_LINES);
$last = count($list) - 1;

// Ban only when the entry $clps requests back has the same timestamp as the latest one
if($last > $clps) {
    if($list[$last - $clps] != $list[$last]) $ban = 0;
} else $ban = 0;

if($ban) {
    // Run through sudo (note 1); escapeshellarg() keeps the address a single argument
    system('sudo iptables -A INPUT -s '.escapeshellarg($ip).' -j DROP');
}

// Start a fresh log once it holds more than six entries
if($last > 5) unlink($file);
$ban = 1;
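
A variant of the same per-second check, added here as an example and not the post's own code: it locks the per-client log so concurrent requests cannot interleave, tests for an existing rule with -C before appending, and uses ip6tables for IPv6 clients. The function names, the sha1 file naming, and the sample address and timestamp are assumptions; the sudoers entry from note 1 is assumed to permit these commands, and the demo prints the command instead of running it.

```php
<?php
// Added example; erc_hit() and erc_ban_command() are hypothetical names.
const ERC_CLPS = 3; // maximum requests per second, as $clps in the post

// Record one hit at $now; true when more than ERC_CLPS hits share that second.
function erc_hit(string $ip, int $now, string $dir): bool
{
    // sha1 file name (an assumption) keeps client input out of the path
    $fh = fopen($dir . '/erc-' . sha1($ip) . '.log', 'c+');
    if ($fh === false) {
        throw new RuntimeException('cannot open log file');
    }
    flock($fh, LOCK_EX); // serialise concurrent requests from one client
    $hits = array_map('intval', explode("\n", (string) stream_get_contents($fh)));
    $hits[] = $now;
    // Only hits in the current second can affect the decision; drop the rest
    $hits = array_filter($hits, fn($t) => $t === $now);
    ftruncate($fh, 0);
    rewind($fh);
    fwrite($fh, implode("\n", $hits) . "\n");
    flock($fh, LOCK_UN);
    fclose($fh);
    return count($hits) > ERC_CLPS;
}

// Build the DROP command; -C tests for the rule so repeat bans add no duplicates.
function erc_ban_command(string $ip): string
{
    if (filter_var($ip, FILTER_VALIDATE_IP, FILTER_FLAG_IPV4)) {
        $bin = 'iptables';
    } elseif (filter_var($ip, FILTER_VALIDATE_IP, FILTER_FLAG_IPV6)) {
        $bin = 'ip6tables'; // iptables only filters IPv4
    } else {
        throw new InvalidArgumentException('not an IP address');
    }
    $rule = 'INPUT -s ' . escapeshellarg($ip) . ' -j DROP';
    return "sudo $bin -C $rule 2>/dev/null || sudo $bin -A $rule";
}

// Constructed demo: four hits in one second from a documentation address (RFC 5737).
$dir = sys_get_temp_dir() . '/erc-demo-' . getmypid();
mkdir($dir);
foreach (range(1, 4) as $n) {
    $ban = erc_hit('192.0.2.10', 1263340800, $dir);
    echo "hit $n: ", $ban ? erc_ban_command('192.0.2.10') : 'ok', "\n";
}
array_map('unlink', glob("$dir/*")); // remove the demo log
rmdir($dir);
```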
