acgrep.sh

https://github.com/xdth/misc/blob/master/acgrep.sh


#!/bin/bash

######################### acgrep.sh v0.1 ###############################
# This script will grep a given set of strings from a text file (syslog)
# and output the result, excluding lines containing another set of
# strings, to a specified location, with a dated file name.
#
# The script will then delete all files in the destination folder older
# than X days and change the ownership of the resulting files to the
# web server.
#
# It can be used, for example, to generate logs from AssaultCube or
# UrbanTerror servers, one log per server.
#
# author: dth@dthlabs.com
#
# To run daily, add to your cron:
# 0 */1 * * * /root/aclogs/acgrep.sh

# #######################################################################
# ## Parameters

# The file to grep
acgrep_filePath="/var/log/syslog"

# Location where the files will be generated. Keep the trailing slash.
acgrep_destinationPath="/root/aclogs/"

# grep this string
acgrep_string="AssaultCube"

# The AC servers' ports
acgrep_substrings="28763 8000 9000 10000 16000"

# Delete generate files after this amount of days
acgrep_keep_days=7

# Regex to skip lines containing these strings
acgrep_skipline="/xskip\|pwd/d"

# #######################################################################
# ## Functions

function acgrep_init {
# feed $YESTERDAY with the syslog format "Jan 31"
YESTERDAY=$(date -d "yesterday 06:00" '+%b %d')
# feed $YESTERDAY2 with yesterday's date in the format 2018-01-31
YESTERDAY2=$(date -d "yesterday 06:00" '+%Y-%m-%d')
}

function acgrep_finish {
# Make destination folder readable to the web server
chown www-data:www-data -R "$acgrep_destinationPath"

# Delete file older than x days
/usr/bin/find "$acgrep_destinationPath" -mtime +$acgrep_keep_days -type f -delete
}

function acgrep_main {
# initialize date variables
acgrep_init

# main loop
for i in $acgrep_substrings
do
# cat /var/log/syslog | grep "AssaultCube" | grep "$YESTERDAY" | grep 8000 > /home/dth/8000_2018-01-31.txt
sed $acgrep_skipline $acgrep_filePath | grep $acgrep_string | grep "$YESTERDAY" | grep $i > "$acgrep_destinationPath"$i"_"$YESTERDAY2.txt
done

# clean up and finish
acgrep_finish
}

# Execute
acgrep_main

qFirewall (qfw) – a quick iptables firewall script

This is my new basic firewall script. For updates, check my github: https://github.com/xdth

Screenshot

Code

#! /bin/bash

# ######################### qFirewall (qfw) 0.1 ########################
#
# This is a basic iptables firewall script.
#
# Usage:
# ./qfw {start|stop}
#
# Notes:
# 1. Comment or uncomment the firewall rules below according to your
#    needs.
# 2. For convenience, add this script to your /usr/bin or alike with
#    chmod +x permissions.
# 2. License: MIT
# 3. Author: dth at dthlabs dot com
#    Site:   https://dthlabs.com
#    github: https://github.com/xdth
#
# Brussels, Jan 23, 2018
# note: https://en.wikipedia.org/wiki/List_of_TCP_and_UDP_port_numbers
# #######################################################################


# #######################################################################
# ## Rules function -- edit this according to your needs

function qfw_rules {
  # Block everything
  iptables -t filter -P INPUT DROP
  iptables -t filter -P FORWARD DROP
  iptables -t filter -P OUTPUT DROP
  echo "     > Block everything"

  # Don't break established connections
  iptables -A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
  iptables -A OUTPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
  echo "     > Don't break established connections"

  # Authorize loopback (127.0.0.1)
  iptables -t filter -A INPUT -i lo -j ACCEPT
  iptables -t filter -A OUTPUT -o lo -j ACCEPT
  echo "     > Authorize Loopback"

  # ICMP (ping)
  iptables -t filter -A INPUT -p icmp -j ACCEPT
  iptables -t filter -A OUTPUT -p icmp -j ACCEPT
  echo "     > Authorize ICMP (ping)"

  # SSH in/out
  iptables -t filter -A INPUT -p tcp --dport 22 -j ACCEPT
  iptables -t filter -A OUTPUT -p tcp --dport 22 -j ACCEPT
  iptables -t filter -A INPUT -p tcp --dport 9000 -j ACCEPT
  iptables -t filter -A OUTPUT -p tcp --dport 9000 -j ACCEPT
  echo "     > Authorize SSH"

  # DNS in/out
  iptables -t filter -A OUTPUT -p tcp --dport 53 -j ACCEPT
  iptables -t filter -A OUTPUT -p udp --dport 53 -j ACCEPT
  iptables -t filter -A INPUT -p tcp --dport 53 -j ACCEPT
  iptables -t filter -A INPUT -p udp --dport 53 -j ACCEPT
  echo "     > Authorize DNS"

  # NTP Out
  iptables -t filter -A OUTPUT -p udp --dport 123 -j ACCEPT
  echo "     > Authorize NTP outbound"

  # HTTP + HTTPS Out
  iptables -t filter -A OUTPUT -p tcp --dport 80 -j ACCEPT
  iptables -t filter -A OUTPUT -p tcp --dport 443 -j ACCEPT
  # iptables -t filter -A OUTPUT -p tcp --dport 8080 -j ACCEPT

  # HTTP + HTTPS In
  iptables -t filter -A INPUT -p tcp --dport 80 -j ACCEPT
  iptables -t filter -A INPUT -p tcp --dport 443 -j ACCEPT
  # iptables -t filter -A INPUT -p tcp --dport 8443 -j ACCEPT
  # iptables -t filter -A INPUT -p tcp --dport 8080 -j ACCEPT
  echo "     > Authorize http and https"

  # FTP Out
  iptables -t filter -A OUTPUT -p tcp --dport 21 -j ACCEPT
  iptables -t filter -A OUTPUT -p tcp --dport 20 -j ACCEPT

  # FTP In
  iptables -t filter -A INPUT -p tcp --dport 20 -j ACCEPT
  iptables -t filter -A INPUT -p tcp --dport 21 -j ACCEPT
  iptables -t filter -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
  echo "     > Authorize FTP"

  # Mail SMTP
  iptables -t filter -A INPUT -p tcp --dport 25 -j ACCEPT
  iptables -t filter -A OUTPUT -p tcp --dport 25 -j ACCEPT
  iptables -t filter -A INPUT -p tcp --dport 587 -j ACCEPT
  iptables -t filter -A OUTPUT -p tcp --dport 587 -j ACCEPT
  iptables -t filter -A INPUT -p tcp --dport 465 -j ACCEPT
  iptables -t filter -A OUTPUT -p tcp --dport 465 -j ACCEPT

  # Mail POP3:110
  iptables -t filter -A INPUT -p tcp --dport 110 -j ACCEPT
  iptables -t filter -A OUTPUT -p tcp --dport 110 -j ACCEPT

  # Mail IMAP:143
  iptables -t filter -A INPUT -p tcp --dport 143 -j ACCEPT
  iptables -t filter -A OUTPUT -p tcp --dport 143 -j ACCEPT

  # Mail POP3S:995
  iptables -t filter -A INPUT -p tcp --dport 995 -j ACCEPT
  iptables -t filter -A OUTPUT -p tcp --dport 995 -j ACCEPT
  echo "     > Authorize mail"

  # OpenVZ Web Pannel
  # iptables -t filter -A OUTPUT -p tcp --dport 3000 -j ACCEPT
  # iptables -t filter -A INPUT -p tcp --dport 3000 -j ACCEPT
  # echo "     > Authorize OpenVZ panel"

  # Allow WMs
  # iptables -P FORWARD ACCEPT
  # iptables -F FORWARD
  # echo "WMs ok"
  # echo "     > Authorize WMs"

  # Saltstack
  # iptables -t filter -A OUTPUT -p tcp --dport 4505 -j ACCEPT
  # iptables -t filter -A INPUT -p tcp --dport 4505 -j ACCEPT
  # iptables -t filter -A OUTPUT -p tcp --dport 4506 -j ACCEPT
  # iptables -t filter -A INPUT -p tcp --dport 4506 -j ACCEPT
  # echo "     > Authorize Saltstack"

  # Block UDP attack
  # iptables -A INPUT -m state --state INVALID -j DROP
  # echo "     > Block UDP attack"

}


# #######################################################################
# ## Other functions

function qfw_help {
  echo "qFirewall usage: ./qfw {start|stop}"
  exit 1
}

function qfw_seeya {
  echo "     > Thanks for using qFirewall (qfw) v1. Have a good day."
  echo ""
  echo ""
}

function qfw_separator {
  echo ""
  echo ""
  echo "===================== qFirewall (qfw) v0.1 ====================="
  echo ""
}

function qfw_reset {
  iptables -F
  iptables -X
  iptables -t nat -F
  iptables -t nat -X
  iptables -t mangle -F
  iptables -t mangle -X
  iptables -P INPUT ACCEPT
  iptables -P FORWARD ACCEPT
  iptables -P OUTPUT ACCEPT
  iptables -t filter -F
  iptables -t filter -X
}

function qfw_start {
  qfw_separator
  echo "     > Starting qFirewall..."
  qfw_clean
  echo "     > Loading the rules..."
  qfw_rules
  echo "     > Rules loaded"
  echo "     > qFirewall started"
}

function qfw_clean {
  echo "     > Cleaning rules..."
  qfw_reset
  echo "     > Rules cleaned"
}

function qfw_stop {
  qfw_separator
  echo "     > Stopping qFirewall..."
  qfw_clean
  echo "     > qFirewall stopped"
}


# #######################################################################
# ## Main

case "$1" in
  start)
  qfw_start
  ;;
  stop)
  qfw_stop
  ;;
  *)
  qfw_help
  exit 1
  ;;
esac

qfw_seeya

exit 0

Quick proxy script for sharing internet among devices

I created this script to automatize sharing of the hotspot connection I’m using.

Scenario:
My laptop is connected to the hotspot wifi. This internet connection will be shared to a router via an ethernet cable (which is also plugged to the laptop). The router then will distribute the connection to multiple devices.

Read more “Quick proxy script for sharing internet among devices”