-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathssh-geoip-filter.sh
31 lines (25 loc) · 1.17 KB
/
ssh-geoip-filter.sh
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
#!/bin/bash
#########################################################################
# SSH GeoLite2 SSH Filtering #
# Written by Ralph Slooten #
# #
# INSTALLATION: edit "/etc/hosts.alow" and comment out "sshd: ALL" #
# replace it with the following line: #
# sshd: ALL: aclexec /usr/local/bin/sshfilter.sh %a #
# #
#########################################################################
# UPPERCASE space-separated country codes to ACCEPT
ALLOW_COUNTRIES="SE,DK"
if [ $# -ne 1 ]; then
echo "Usage: `basename $0` <ip>" 1>&2
exit 0 # return true in case of config issue
fi
COUNTRY=`/usr/bin/geoiplookup $1 | awk -F ": " '{ print $2 }' | awk -F "," '{ print $1 }' | head -n 1`
[[ $COUNTRY = "IP Address not found" || $ALLOW_COUNTRIES =~ $COUNTRY ]] && RESPONSE="ALLOW" || RESPONSE="DENY"
if [ $RESPONSE = "ALLOW" ]
then
exit 0
else
logger "$RESPONSE sshd connection from $1 ($COUNTRY)"
exit 1
fi