69 lines
1.2 KiB
Bash
Executable File
69 lines
1.2 KiB
Bash
Executable File
#!/usr/local/bin/bash
|
|
|
|
set -o errexit
|
|
set -o pipefail
|
|
set -o nounset
|
|
|
|
PFCTL="/sbin/pfctl"
|
|
|
|
add() {
|
|
${PFCTL} -t loghosts -Tadd ${1}
|
|
}
|
|
|
|
del() {
|
|
${PFCTL} -t loghosts -Tdel ${1}
|
|
}
|
|
|
|
show() {
|
|
${PFCTL} -t loghosts -Tshow
|
|
}
|
|
|
|
log() {
|
|
tcpdump -n -e -ttt -i pflog0
|
|
}
|
|
|
|
usage() {
|
|
echo "${0} <action> [<argument>]"
|
|
cat << EOF
|
|
where <action> is one of:
|
|
add - add an address to loghosts table
|
|
del - remove an address from loghosts table
|
|
show|list - list contents of loghosts table
|
|
log|trace|follow - realtime display of logged connections
|
|
where <argument> is applicable for following actions:
|
|
add - ip address or FQDN
|
|
del - ip address or FQDN
|
|
EOF
|
|
}
|
|
|
|
# poor getopts replacement. i'm too lazy to learn getopts
|
|
while [[ $# -gt 0 ]]; do
|
|
case ${1} in
|
|
add)
|
|
add ${2}
|
|
shift 2
|
|
;;
|
|
del)
|
|
del ${2}
|
|
shift 2
|
|
;;
|
|
show|list)
|
|
show
|
|
shift 2
|
|
;;
|
|
log|trace|follow)
|
|
log
|
|
shift
|
|
;;
|
|
-h|--help)
|
|
usage
|
|
exit 0
|
|
;;
|
|
*)
|
|
echo "unknown argument"
|
|
exit 1
|
|
;;
|
|
esac
|
|
done
|
|
|