#!/usr/local/bin/bash
# Strict mode: stop on a failing command (-e), on expansion of an unset
# variable (-u), and when any stage of a pipeline fails (pipefail).
set -euo pipefail

# pfctl is addressed by absolute path, so it is not looked up through PATH.
PFCTL='/sbin/pfctl'
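# Add one address or hostname to the pf "loghosts" table.
#
# Globals:   PFCTL (read) - path of the pfctl binary
# Arguments: $1 - ip address or FQDN to add
# Returns:   1 without calling pfctl when the argument is missing, empty or
#            starts with "-"; otherwise pfctl's exit status.
add() {
  local host="${1-}"

  # The value comes straight from the command line and ends up in pfctl's
  # argv, so refuse anything pfctl could read as an option instead of an
  # address.
  if [[ -z "${host}" || "${host}" == -* ]]; then
    printf 'add: expected an ip address or FQDN, got "%s"\n' "${host}" >&2
    return 1
  fi

  # Quoted: whitespace or glob characters in the argument must not expand
  # into additional pfctl arguments.
  "${PFCTL}" -t loghosts -Tadd "${host}"
}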
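# Remove one address or hostname from the pf "loghosts" table.
#
# Globals:   PFCTL (read) - path of the pfctl binary
# Arguments: $1 - ip address or FQDN to remove
# Returns:   1 without calling pfctl when the argument is missing, empty or
#            starts with "-"; otherwise pfctl's exit status.
del() {
  local host="${1-}"

  # The value comes straight from the command line and ends up in pfctl's
  # argv, so refuse anything pfctl could read as an option instead of an
  # address.
  if [[ -z "${host}" || "${host}" == -* ]]; then
    printf 'del: expected an ip address or FQDN, got "%s"\n' "${host}" >&2
    return 1
  fi

  # Quoted: whitespace or glob characters in the argument must not expand
  # into additional pfctl arguments.
  "${PFCTL}" -t loghosts -Tdel "${host}"
}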
# List the current contents of the pf "loghosts" table on stdout.
#
# Globals: PFCTL (read) - path of the pfctl binary
# Returns: pfctl's exit status.
show() {
  local -r table_name='loghosts'
  "${PFCTL}" -t "${table_name}" -Tshow
}
# Follow the pflog0 interface with tcpdump until interrupted.
#
# Flags: -n    no name resolution for addresses
#        -e    print the link-level header of each packet
#        -ttt  print the time delta between lines instead of a wall-clock time
# NOTE(review): tcpdump is resolved through PATH here, while pfctl is pinned
# to an absolute path via PFCTL; if this script runs with elevated
# privileges, consider pinning tcpdump the same way.
log() {
  local -a capture_args=(-n -e -ttt -i pflog0)
  tcpdump "${capture_args[@]}"
}
# Print the command-line help to stdout: a synopsis line built from $0,
# followed by the list of actions and the arguments they take.
usage() {
  printf '%s\n' "${0} <action> [<argument>]"
  # Quoted delimiter: the help text is literal, nothing in it is expanded.
  cat <<'HELP'
where <action> is one of:
add - add an address to loghosts table
del - remove an address from loghosts table
show|list - list contents of loghosts table
log|trace|follow - realtime display of logged connections
where <argument> is applicable for following actions:
add - ip address or FQDN
del - ip address or FQDN
HELP
}
# poor getopts replacement. i'm too lazy to learn getopts
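# Run the actions given on the command line, left to right.
#
# Arguments: the script's own arguments: <action> [<argument>] ...
# Exits:     0 after -h/--help; 1 on an unknown action or when add/del is
#            given without its <argument>.
run_actions() {
  while (( $# > 0 )); do
    case "${1}" in
      add)
        # add consumes the next word. Checked explicitly so a missing
        # argument is reported instead of aborting on an unset "$2".
        if (( $# < 2 )); then
          printf '%s\n' "add requires an ip address or FQDN" >&2
          exit 1
        fi
        # Quoted so the user-supplied value reaches add as a single word.
        add "${2}"
        shift 2
        ;;
      del)
        if (( $# < 2 )); then
          printf '%s\n' "del requires an ip address or FQDN" >&2
          exit 1
        fi
        del "${2}"
        shift 2
        ;;
      show|list)
        show
        # show takes no argument, so only the action word is consumed.
        # Shifting two here failed when show was the last word and swallowed
        # the following action otherwise.
        shift
        ;;
      log|trace|follow)
        log
        shift
        ;;
      -h|--help)
        usage
        exit 0
        ;;
      *)
        # Diagnostics go to stderr so they do not mix with table output.
        echo "unknown argument" >&2
        exit 1
        ;;
    esac
  done
}

run_actions "$@"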