bash install.shto set helpful aliases and enable logging
- Configure “config” in a text editor to add firewall address(es), authentication, & any other applicable options such as:
- add multiple firewalls to configure them all simultaneously
- configure email alerting to be alerted when an IP is blocked or un-blocked
- whitelist IPs that you never want to get blocked
- optional logging feature for audit capability
The “blockip” script is designed to quickly block a host by simply providing the IP address.
blockip and then the ip address that you want to block.
# blockip 126.96.36.199
[-] (firewall01) Added IP '188.8.131.52' to firewall group 'Deny_All_Group'
This script works in the same way as blockip, except it removes an IP block from the firewall. It can be used to quickly “undo” a block made by blockip.
# removeip 184.108.40.206
[-] (firewall01) Successfully removed IP '220.127.116.11' from firewall group 'Deny_All_Group'
“paramiko” must be installed for this program to run. To install paramiko, try running “pip install paramiko”. On Macs, you may have to install a version of Python that has “pip”. To do this, you can use either easy_install or homebrew (run “sudo easy_install pip” or “brew install python”)