1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
|
#!/bin/bash
# ip-addresses.sh
# List the IP addresses your computer is connected to.
# Inspired by Greg Bledsoe's ddos.sh script,
# Linux Journal, 09 March 2011.
# URL:
# http://www.linuxjournal.com/content/back-dead-simple-bash-complex-ddos
# Greg licensed his script under the GPL2,
#+ and as a derivative, this script is likewise GPL2.
connection_type=TCP # Also try UDP.
field=2 # Which field of the output we're interested in.
no_match=LISTEN # Filter out records containing this. Why?
lsof_args=-ni # -i lists Internet-associated files.
# -n preserves numerical IP addresses.
# What happens without the -n option? Try it.
router="[0-9][0-9][0-9][0-9][0-9]->"
# Delete the router info.
lsof "$lsof_args" | grep $connection_type | grep -v "$no_match" |
awk '{print $9}' | cut -d : -f $field | sort | uniq |
sed s/"^$router"//
# Bledsoe's script assigns the output of a filtered IP list,
# (similar to lines 19-22, above) to a variable.
# He checks for multiple connections to a single IP address,
# then uses:
#
# iptables -I INPUT -s $ip -p tcp -j REJECT --reject-with tcp-reset
#
# ... within a 60-second delay loop to bounce packets from DDOS attacks.
# Exercise:
# --------
# Use the 'iptables' command to extend this script
#+ to reject connection attempts from well-known spammer IP domains.
|
