RE: [cobalt-users] OT: Bulk Portsentry Unblock IP's
- Subject: RE: [cobalt-users] OT: Bulk Portsentry Unblock IP's
- From: "Gil Bechtel" <gil@xxxxxxxxxxxx>
- Date: Fri Nov 16 08:42:19 2001
- List-id: Mailing list for users to share thoughts on Cobalt products. <cobalt-users.list.cobalt.com>
> Hi all,
>
> I am interested in periodically unblocking all the IPs blocked by
> Portsentry.
>
> I assume I can just: "> hosts.deny"
> Yes?
>
> However the IP's will still exist on the routing table. In the past
> (being a Windows user --shoot me if you want) I've just set my alarm
> for 3am and rebooted the server to clear it.
>
> I know how to remove one IP at a time from the routing table using:
> "/sbin/route del -host [IP Address] reject"
>
> What I am looking to do is remove all the blocked IP's in the hosts.deny
> and the routing table without a reboot.
>
Brian, this script will take care of the hosts.deny and portsentry blocked
files; I found this a while ago on the list.
Make a new file in your portsentry dir called hosts.deny, create this script,
change the permissions, and set it to run whenever you want with cron.
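-----------------
#!/bin/sh
# Stop the running portsentry daemons
killall -9 portsentry
# Remove portsentry's record of blocked hosts (-f: no error if none exist)
rm -f /usr/local/psionic/portsentry/portsentry.blocked.*
# Restore /etc/hosts.deny from the copy kept in the portsentry dir
cp /usr/local/psionic/portsentry/hosts.deny /etc/hosts.deny
# Restart portsentry in advanced TCP mode and in UDP mode
/usr/local/psionic/portsentry/portsentry -atcp
/usr/local/psionic/portsentry/portsentry -udp
-----------------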
I do have a script to clean out sbin route, but I have NOT tested it as of
yet, and well, I have to find it; I will post it then.
Gil
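
For the routing-table half of the question, the following is an added example, not part of the original thread and not Gil's script. It assumes net-tools `route -n` output in which reject host routes carry the `!H` flag; the sample table is constructed, and the function names are hypothetical.

```shell
#!/bin/sh
# Added example: find the host reject routes left in the routing table and
# build the matching per-IP delete commands quoted in the thread.
# It cannot tell portsentry's entries from reject routes an admin added by
# hand, so it only prints the commands for review.

# Constructed sample of `/sbin/route -n` output (documentation addresses).
SAMPLE_ROUTES='Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
192.0.2.10      -               255.255.255.255 !H    0      -        0 -
198.51.100.7    -               255.255.255.255 !H    0      -        0 -
203.0.113.0     -               255.255.255.0   !     0      -        0 -
10.0.0.1        0.0.0.0         255.255.255.255 UH    0      0        0 eth0
10.0.0.0        0.0.0.0         255.255.255.0   U     0      0        0 eth0
0.0.0.0         10.0.0.254      0.0.0.0         UG    0      0        0 eth0'

# reject_hosts: read `route -n` output on stdin and print one IP per line
# for every /32 host route flagged as reject (!H). Network rejects, normal
# host routes, headers and anything that is not a dotted quad are skipped.
reject_hosts() {
    awk '$3 == "255.255.255.255" && $4 ~ /!/ && $4 ~ /H/ &&
         $1 ~ /^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+$/ { print $1 }'
}

# unblock_cmds: turn that list into one delete command per blocked host.
unblock_cmds() {
    reject_hosts | while read -r ip; do
        echo "/sbin/route del -host $ip reject"
    done
}

# Dry run on the sample table. On a live box, review the output of
#   /sbin/route -n | unblock_cmds
# and only then pipe it to sh as root.
printf '%s\n' "$SAMPLE_ROUTES" | unblock_cmds
```

Run it before the hosts.deny reset script so the route cleanup and the portsentry restart happen in the same cron job.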