Removed all references to Hail Mary.
Started removing compatibility with everything not OpenBSD.
parent
7b069a466b
commit
5522c8b300
@ -1,4 +1,5 @@
|
||||
# Updates
|
||||
- 1st July 2025: Renamed "HAIL_MARY" to "CLOUD_BRUTEFORCE_MITIGATION". Read [Catechism of the Catholic Church](https://www.vatican.va/archive/ENG0015/_INDEX.HTM) before complaining.
|
||||
- 19th June 2025: Updated the _AGENT to the latest Windows Firefox as some sites were rejecting download attempts based on an outdated user agent.
|
||||
|
||||
# Fresh Installation Guide
|
||||
|
||||
@ -29,7 +29,7 @@
|
||||
# IPv6, Authlog Analysis, GeoIP/Country Blacklisting, Bogon Filtering,
|
||||
# Tor filtering as well as configure custom rules and blocklists
|
||||
|
||||
# IPv6 Notes:
|
||||
# IPv6 Notes: THIS IS NOT TESTED IN THIS FORK AS I DON'T HAVE ACCESS TO IPv6
|
||||
# pf-badhost requires IPv6 lists to be preformatted to be RFC-5952 compliant.
|
||||
# Example preprocessors have been written for the default list providers included in this script.
|
||||
# If adding your own IPv6 lists, the addresses must be RFC 5952 compliant and
|
||||
@ -88,11 +88,11 @@ _BOGON_4=0
|
||||
_BOGON_6=0
|
||||
|
||||
###################################################################
|
||||
# Hail Mary Cloud Bruteforcer Mitigation (SSH authlog analysis)
|
||||
# Cloud Bruteforcer Mitigation (SSH authlog analysis)
|
||||
# Searches SSH authlog for bruteforcers
|
||||
#
|
||||
# Set to '1' to enable
|
||||
_HAIL_MARY=0
|
||||
_CLOUD_BRUTEFORCE_MITIGATION=0
|
||||
#
|
||||
# Set failed log-in limit for bans
|
||||
_LOGIN_LIMIT=25
|
||||
@ -437,12 +437,12 @@ mysort() {
|
||||
# Authlog Analysis Functions
|
||||
# ------------------------------------------------------------------------------
|
||||
|
||||
# Hail Mary Mitigation preproccessor
|
||||
# CLOUD_BRUTEFORCE_MITIGATION preproccessor
|
||||
AUTHLOG_PROC() {
|
||||
myawk -- '{if ($6 !~ "Disconnected|Accepted" && $7 !~ "disconnect") printf("%s\n%s\n%s\n%s\n%s\n%s\n", $9, $10, $11, $12, $13, $14)}'
|
||||
}
|
||||
|
||||
HAIL_MARY_MITIGATE() {
|
||||
CLOUD_BRUTEFORCE_MITIGATION_MITIGATE() {
|
||||
# Check OSTYPE
|
||||
if [ "${_OS_TYPE}" != 'macos' ]; then
|
||||
# IPv4 Authlog List Gen
|
||||
@ -642,7 +642,7 @@ PRINT_LIST() {
|
||||
cat -- < "${user_rules}"
|
||||
fi
|
||||
# Authlog Analysis
|
||||
if [ "${_HAIL_MARY}" -eq 1 ]; then
|
||||
if [ "${_CLOUD_BRUTEFORCE_MITIGATION}" -eq 1 ]; then
|
||||
printf '\n# Rules Generated from %s:\n\n' "$authlog_path1"
|
||||
cat -- < "${authlog}"
|
||||
fi
|
||||
@ -763,7 +763,7 @@ PRINT_STATS() {
|
||||
typeset authlog_num v4_num v4_total v6_num v6_total
|
||||
authlog_num="$(wc -l -- < "${authlog}" | tr -cd '[:digit:]')"
|
||||
|
||||
if [ "${_HAIL_MARY}" -eq 1 ]; then
|
||||
if [ "${_CLOUD_BRUTEFORCE_MITIGATION}" -eq 1 ]; then
|
||||
printf '\nBruteforcers found in "%s": %s\n' "${authlog_path1}" "${authlog_num}"
|
||||
else
|
||||
printf '\n'
|
||||
@ -977,7 +977,7 @@ PRE_EXEC_TESTS() {
|
||||
if [ "${_NO_UID_CHECK}" -ne 1 ]; then
|
||||
CHECK_PRIVILEGE
|
||||
fi
|
||||
if [ "${_HAIL_MARY}" -eq 1 ]; then
|
||||
if [ "${_CLOUD_BRUTEFORCE_MITIGATION}" -eq 1 ]; then
|
||||
CHECK_CMD "${authlog_unzip}" > /dev/null
|
||||
fi
|
||||
if [ "${_PRINT_ONLY}" -ne 1 ]; then
|
||||
@ -998,7 +998,7 @@ VAR_SANITY_CHECK() {
|
||||
IS_INT "${_BOGON_6}" || ERR 'User defined variable "$_BOGON_6" contains a non-integer value - Unable to proceed!'
|
||||
IS_INT "${_CHECK_ONLY}" || ERR 'User defined variable "$_CHECK_ONLY" contains a non-integer value - Unable to proceed!'
|
||||
IS_INT "${_GEOBLOCK}" || ERR 'User defined variable "$_GEOBLOCK" contains a non-integer value - Unable to proceed!'
|
||||
IS_INT "${_HAIL_MARY}" || 'User defined variable "$_HAIL_MARY" contains a non-integer value - Unable to proceed!'
|
||||
IS_INT "${_CLOUD_BRUTEFORCE_MITIGATION}" || 'User defined variable "$_CLOUD_BRUTEFORCE_MITIGATION" contains a non-integer value - Unable to proceed!'
|
||||
IS_INT "${_IPV4}" || 'User defined variable "$_IPV4" contains a non-integer value - Unable to proceed!'
|
||||
IS_INT "${_IPV6}" || ERR 'User defined variable "$_IPV6" contains a non-integer value - Unable to proceed!'
|
||||
IS_INT "${_LOG}" || ERR 'User defined variable "$_LOG" contains a non-integer value - Unable to proceed!'
|
||||
@ -1210,7 +1210,7 @@ main() {
|
||||
E) authlog_unzip="${OPTARG}" ;; # set tool to unzip authlog
|
||||
F) netget="${OPTARG}" ;; # set curl/fetch/ftp/wget preference
|
||||
G) _GEOBLOCK=1 ;; # Enable Geoblocking
|
||||
H) _HAIL_MARY=1 ; _LOGIN_LIMIT="${OPTARG}" ;; # Enable SSH authlog analysis
|
||||
H) _CLOUD_BRUTEFORCE_MITIGATION=1 ; _LOGIN_LIMIT="${OPTARG}" ;; # Enable SSH authlog analysis
|
||||
J) authlog_path1="${OPTARG}" ;;
|
||||
K) authlog_path2="${OPTARG}" ;;
|
||||
O) typeset -l -r _OS_TYPE="${OPTARG}" ;;
|
||||
@ -1314,7 +1314,7 @@ main() {
|
||||
|
||||
# Mark user-defined booleans as read-only
|
||||
readonly _AGENT _LOG _STRICT _IPV4 _IPV6 _AGGREGATE \
|
||||
_GEOBLOCK _BOGON_4 _BOGON_6 _HAIL_MARY \
|
||||
_GEOBLOCK _BOGON_4 _BOGON_6 _CLOUD_BRUTEFORCE_MITIGATION \
|
||||
_TOR_WHITELIST _TOR_BLOCK_ALL _TOR_BLOCK_EXIT \
|
||||
_RFC3330 _RFC5156 _WHITELIST
|
||||
|
||||
@ -1361,7 +1361,7 @@ main() {
|
||||
custom)
|
||||
test -n "${getroot}" || ERR "Custom OS type specified - please set doas/sudo preference with '-Z' option"
|
||||
test -n "${netget}" || ERR "Custom OS type specified - please set curl/fetch/ftp/wget preference with '-F' option"
|
||||
if [ "${_HAIL_MARY}" -eq 1 ]; then
|
||||
if [ "${_CLOUD_BRUTEFORCE_MITIGATION}" -eq 1 ]; then
|
||||
test -n "${authlog_path1}" || ERR "Custom OS type specified - please specifiy path to SSH authlog with '-J' option"
|
||||
test -n "${authlog_path2}" || ERR "Custom OS type specified - please specifiy path to secondary SSH authlog with '-K' option"
|
||||
test -n "${authlog_unzip}" || ERR "Custom OS type specified - please specifiy zcat/bzcat for SSH authlog analysis with '-E' option"
|
||||
@ -1529,9 +1529,9 @@ main() {
|
||||
printf '%s\n' "${_i}"
|
||||
done > "${user_rules}"
|
||||
|
||||
# Hail Mary Mitigation
|
||||
if [ "${_HAIL_MARY}" -eq 1 ]; then
|
||||
HAIL_MARY_MITIGATE
|
||||
# CLOUD_BRUTEFORCE_MITIGATION
|
||||
if [ "${_CLOUD_BRUTEFORCE_MITIGATION}" -eq 1 ]; then
|
||||
CLOUD_BRUTEFORCE_MITIGATION
|
||||
fi
|
||||
|
||||
# Generate lists to load into PF
|
||||
|
||||
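Review bot: The renamed call in the last hunk (-1529) does not match the renamed definition. The function is now declared as `CLOUD_BRUTEFORCE_MITIGATION_MITIGATE()` in the -437 hunk, but main() invokes `CLOUD_BRUTEFORCE_MITIGATION`. With the option enabled the shell would look for a command of that name, and the SSH authlog ban list would presumably not be built; the call site should read `CLOUD_BRUTEFORCE_MITIGATION_MITIGATE`. Separately, the new `IS_INT "${_CLOUD_BRUTEFORCE_MITIGATION}" || '...'` line in VAR_SANITY_CHECK carries over the missing `ERR` from the old `_HAIL_MARY` line (the `_IPV4` check next to it has the same gap), so a non-integer value is not rejected with the intended message; it should be `IS_INT "${_CLOUD_BRUTEFORCE_MITIGATION}" || ERR '...'`. Both main() and VAR_SANITY_CHECK continue outside the visible hunks.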