My shell-fu isn't that great. I have a script I'm going to run via frequent cron. It will generate a list of IP addresses which need to be blocked.
I'm probably going to have some base set of rules to revert to like:
iptables -I INPUT -p tcp --dport 80 -i eth0 -m state --state NEW -m recent --set
iptables -I INPUT -p tcp --dport 80 -i eth0 -m state --state NEW -m recent --update --seconds 60 --hitcount 10 -j DROP
So then if anything makes it through that and gets listed in my plain text file (1 IP per line), I'd like IPTables to kill their connections and totally drop any other connection attempts on any ports, probably even adding the IPs to /etc/[url removed, login to view] and wiping the text file.
1) Script to run via cron against a list of IPs which terminates someone's ability to reach the server *IF* there are IPs in the list else don't run (+ check against whitelist to be sure they are still allowed?)
2) Consolidate the block list into the /etc/[url removed, login to view] (without dupes)
3) Clear / delete the IP list file
Bonus points! 4) Bonus points, another $5 if you save me the 5 minutes, while you're at it, of having an email sent to me, only when new IPs are added, so that I know what's up and can review the IPs in email before taking any additional action.
Please be in the US, a native English speaker and a total Linux geek?
Brief background: This is for a shoutcast (via centovacast) server on CentOS. My script looks for any IPs with 5 or more connections and then >> them to a text file. It's UGLY but it works.
Additional: If you want to help make this extra clean and easy to redeploy on other servers, nothing fancy or time consuming just #Comment & stuff so I can figure out how to duplicate it... Should I be able to sell anyone on the use & installation of this functionality I'd be happy to send a cut your way later.
This is probably, what maybe an hour of work at $55/hr for a quickie one off. If you're actually a good fit, can crank it out fast and let me be on my way I would be happy to go up to $75.
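Steps 1 to 3 above as an added example, not part of the original post: it validates each line as IPv4 before it reaches iptables, skips whitelisted and already-blocked addresses, records new ones without duplicates, and empties the list. The file paths and the DRY_RUN switch are assumptions; the post's own file under /etc is not visible, so a placeholder path stands in for it.

```sh
#!/bin/sh
# Added example. All paths below are placeholders (assumptions), not from the post.
LIST=${LIST:-/var/tmp/offenders.txt}      # one IP per line, written by the detector script
ALLOW=${ALLOW:-/var/tmp/whitelist.txt}    # addresses that must never be blocked
BLOCKED=${BLOCKED:-/var/tmp/blocked.txt}  # stand-in for the consolidated block list
DRY_RUN=${DRY_RUN:-1}                     # 1 = print the iptables commands, do not run them

# Accept only dotted-quad IPv4 with every octet in 0-255, so that no other
# text from the list file is ever passed to iptables.
valid_ipv4() {
    case $1 in
        ''|*[!0-9.]*|*..*|.*|*.) return 1 ;;
    esac
    old_ifs=$IFS; IFS=.
    set -- $1                 # split on dots; input is digits and dots only here
    IFS=$old_ifs
    [ $# -eq 4 ] || return 1
    for o in "$@"; do
        [ ${#o} -le 3 ] && [ "$o" -le 255 ] || return 1
    done
}

# Print the listed IPs that are valid, not whitelisted and not already blocked.
new_offenders() {
    [ -s "$LIST" ] || return 0
    sort -u "$LIST" | while IFS= read -r ip; do
        valid_ipv4 "$ip" || continue
        grep -qxF -- "$ip" "$ALLOW" 2>/dev/null && continue
        grep -qxF -- "$ip" "$BLOCKED" 2>/dev/null && continue
        printf '%s\n' "$ip"
    done
}

# Block each new offender, record it once, then empty the list file.
run_blocklist() {
    [ -s "$LIST" ] || return 0            # nothing listed: do not run
    new=$(new_offenders)
    if [ -n "$new" ]; then
        printf '%s\n' "$new" | while IFS= read -r ip; do
            if [ "$DRY_RUN" = 1 ]; then
                echo "iptables -I INPUT -s $ip -j DROP"
            else
                # -I inserts at the top of INPUT, ahead of the rate-limit rules
                iptables -I INPUT -s "$ip" -j DROP || continue
            fi
            printf '%s\n' "$ip" >> "$BLOCKED"
        done
    fi
    : > "$LIST"
}
```

The mail notification from step 4 would go inside the `if [ -n "$new" ]` branch, since that branch only runs when a new address was added.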