smeserver-denyhosts/root/etc/e-smith/events/actions/denyhost-purge

#!/usr/bin/perl -w

use strict;
use Errno;
use esmith::ConfigDB;
use esmith::util;
use esmith::db;
use Data::Validate::IP;
my $validator=Data::Validate::IP->new;

my $event = $ARGV [0];
my $ip = $ARGV [1];
my $whitelist = $ARGV [2];
my $debug=0;

die "IP missing" unless defined ($ip);
die "Not an IP" unless ($validator->is_ipv4($ip));


die "IP $ip not banned" unless (system("grep $ip /etc/hosts.deny_ssh ".'>/dev/null 2>&1') == 0);
die "can not stop denyhost" unless ( system("/etc/init.d/denyhosts","stop") ==0);

# unlist
my @files = ('/etc/hosts.deny_ssh', '/var/lib/denyhosts/hosts', '/var/lib/denyhosts/hosts-restricted' , '/var/lib/denyhosts/hosts-root', '/var/lib/denyhosts/hosts-valid', '/var/lib/denyhosts/users-hosts' );
foreach my $file (@files) {

	if (system("grep $ip $file".' >/dev/null 2>&1') == 0) {
		print "$ip removed from $file\n" if (system("sed -i '/$ip/d' $file") == 0  && $debug )
	}
}

#(optional, whitelist)  /var/lib/denyhosts/allowed-hosts
if (defined($whitelist)) {
	# add to db
	my $db = esmith::ConfigDB->open
    	|| warn "Couldn't open configuration database (permissions problems?)";
	
    	my $rec = $db->get('denyhosts');
    	if ($rec)
    	{
	
    	my $prop = $rec->prop('ValidFrom') || '';
	
    	my @vals = split /,/, $prop;
    	unless (grep /^$ip$/, @vals) 
	{ # already have this entry
        	if ($prop ne '')
        	{
            		$prop .= ",$ip";
        	}
        	else
        	{
         	   	$prop = "$ip";
        	}
    		$rec->set_prop('ValidFrom', $prop);
	
		system("/sbin/e-smith/expand-template /var/lib/denyhosts/allowed-hosts");
		print "Add to whitelist: $ip \n";
	}
	}
}
# /etc/init.d/denyhosts start
system("/etc/init.d/denyhosts","start");
initial commit of file from CVS for smeserver-denyhosts on Sat Sep 7 19:51:06 AEST 2024 2024-09-07 11:51:06 +02:00			`#!/usr/bin/perl -w`

			`use strict;`
			`use Errno;`
			`use esmith::ConfigDB;`
			`use esmith::util;`
			`use esmith::db;`
			`use Data::Validate::IP;`
			`my $validator=Data::Validate::IP->new;`

			`my $event = $ARGV [0];`
			`my $ip = $ARGV [1];`
			`my $whitelist = $ARGV [2];`
			`my $debug=0;`

			`die "IP missing" unless defined ($ip);`
			`die "Not an IP" unless ($validator->is_ipv4($ip));`


			`die "IP $ip not banned" unless (system("grep $ip /etc/hosts.deny_ssh ".'>/dev/null 2>&1') == 0);`
			`die "can not stop denyhost" unless ( system("/etc/init.d/denyhosts","stop") ==0);`

			`# unlist`
			`my @files = ('/etc/hosts.deny_ssh', '/var/lib/denyhosts/hosts', '/var/lib/denyhosts/hosts-restricted' , '/var/lib/denyhosts/hosts-root', '/var/lib/denyhosts/hosts-valid', '/var/lib/denyhosts/users-hosts' );`
			`foreach my $file (@files) {`

			`if (system("grep $ip $file".' >/dev/null 2>&1') == 0) {`
			`print "$ip removed from $file\n" if (system("sed -i '/$ip/d' $file") == 0 && $debug )`
			`}`
			`}`

			`#(optional, whitelist) /var/lib/denyhosts/allowed-hosts`
			`if (defined($whitelist)) {`
			`# add to db`
			`my $db = esmith::ConfigDB->open`
			`\|\| warn "Couldn't open configuration database (permissions problems?)";`

			`my $rec = $db->get('denyhosts');`
			`if ($rec)`
			`{`

			`my $prop = $rec->prop('ValidFrom') \|\| '';`

			`my @vals = split /,/, $prop;`
			`unless (grep /^$ip$/, @vals)`
			`{ # already have this entry`
			`if ($prop ne '')`
			`{`
			`$prop .= ",$ip";`
			`}`
			`else`
			`{`
			`$prop = "$ip";`
			`}`
			`$rec->set_prop('ValidFrom', $prop);`

			`system("/sbin/e-smith/expand-template /var/lib/denyhosts/allowed-hosts");`
			`print "Add to whitelist: $ip \n";`
			`}`
			`}`
			`}`
			`# /etc/init.d/denyhosts start`
			`system("/etc/init.d/denyhosts","start");`