-
Notifications
You must be signed in to change notification settings - Fork 3
/
Copy pathvpnmonitor
43 lines (42 loc) · 2.16 KB
/
vpnmonitor
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
#!/bin/bash
filepath=/usr/local/games/jka/log.txt #/path/to/file - enter path to log file
apikey=enterapikey #enter your apikey to iphub.info
#databasepath=/path/to/db - edit only if you want to use another DB -- check notes below
currentTime="date +%T"
connectFormat="(SV\spacket)\s([0-9]+.[0-9]+.[0-9]+.[0-9]+:[-0-9]+)\s:\s(connect)"
echo "VPN monitor - developed by devon"
echo "version 1.0 - 11/5-21"
echo "Attaching to log"
echo "`$currentTime` now monitoring ..."
#printf '\xFF\xFF\xFF\xFFrcon <PASSWORD> status\n' | nc -u -n -w 1 <SERVER_IP> <SERVER_PORT> | sed -ne ':x;/\xFF/{N;s/\xFF\xFF\xFF\xFFprint\n//;tx};/^$/d;p'
#allows you to send rcon commands to server, replace <PASSWORD> with the rcon password, status with the rconcommand, <SERVER_IP> and <SERVER_PORT>
tail -fn0 "$filepath" |
while read line ; do
echo "`$currentTime` new connection request received: $line" | grep -E "$connectFormat"
if [ $? = 0 ] #todo: add some sort of check so say commands won't be executed if they match connectFormat
then
IFS=': '
read -a strarr <<< "$line"
result=$(sqlite3 jkadb.sqlite "SELECT ip from iplist where ip='${strarr[2]}'") #replace jkadb.sqlite with $databasepath + quotationmarks if you want to use another db
if [ -z "$result" ]
then
echo "`$currentTime` ${strarr[2]} : was not found in database"
echo "`$currentTime` ${strarr[2]} : checking for VPN"
response=$(curl -s http://v2.api.iphub.info/ip/"${strarr[2]}" -H "X-Key: $apikey")
echo "`$currentTime` ${strarr[2]} : $response"
if [[ "$response" =~ '"block":0' ]];
then
echo "`$currentTime` ${strarr[2]} : no VPN detected"
sqlite3 jkadb.sqlite "INSERT INTO iplist(ip, vpn) VALUES ('${strarr[2]}', 0)" #replace jkadb.sqlite with $databasepath + quotationmarks if you want to use another db
echo "`$currentTime` ${strarr[2]} : added & allowed"
elif [[ "$response" =~ '"block":1' || "$response" =~ '"block":2' ]]
then
echo "`$currentTime` ${strarr[2]} : VPN detected"
sudo iptables -w -I INPUT -s "${strarr[2]}" -j DROP
echo "`$currentTime` ${strarr[2]} : has been blacklisted."
else
echo "invalid input, doing nothing"
fi
fi
fi
done