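#!/bin/sh
# Copyright 2008 Tobias Tacke, all rights reserved.
# This program is free software; you can redistribute it and/or modify it under the GPL-terms (http://dev.perl.org/licenses/gpl1.html)
#
# intrusion_blocker: init-style script that rate-limits NEW TCP connections to
# FTP (port 21) and SSH (port 22) on one interface using the iptables "recent"
# match.  An address that opens too many NEW connections inside the window is
# dropped, and every further attempt refreshes its timestamp, so the block
# lasts until the address stays quiet for a whole window.
#
# Usage: /etc/init.d/intrusion_blocker {start|stop|status|restart|reload|force-reload}
#
# Optional environment overrides (defaults reproduce the original rules):
#   IFACE          interface the rules are bound to        (default eth0)
#   BLOCK_SECONDS  window in which NEW connections count   (default 3600)
#   FTP_HITCOUNT   NEW connections to port 21 per window before DROP (default 5)
#   SSH_HITCOUNT   NEW connections to port 22 per window before DROP (default 13)
#
# NOTE(review): the recent match keeps a bounded per-list address table
# (kernel module parameter ip_list_tot); confirm it is sized for the expected
# number of distinct sources, otherwise old entries are evicted early.

# Options on the shebang line are lost when the script is invoked as
# "sh intrusion_blocker", so abort-on-error is requested here instead.
set -e

CHAIN=INTRUSION_BLOCKER
IFACE=${IFACE:-eth0}
BLOCK_SECONDS=${BLOCK_SECONDS:-3600}
FTP_HITCOUNT=${FTP_HITCOUNT:-5}
SSH_HITCOUNT=${SSH_HITCOUNT:-13}
readonly CHAIN IFACE BLOCK_SECONDS FTP_HITCOUNT SSH_HITCOUNT

#######################################
# Test whether the blocker chain is currently installed.
# Globals:   CHAIN (read)
# Returns:   0 when the chain exists, non-zero otherwise
#######################################
_chain_exists() {
  # -n: never resolve addresses to names, which can stall on slow DNS.
  iptables -n -L "$CHAIN" >/dev/null 2>&1
}

#######################################
# Append one rate-limit pair for a TCP port to the blocker chain.
# The first rule records every NEW connection's source address in the named
# "recent" list; the second drops the connection once that address has been
# seen $3 times within BLOCK_SECONDS.  --rttl additionally requires the
# packet's TTL to equal the one recorded for the address, so forged packets
# cannot get a legitimate address blocked.
# Globals:   CHAIN, IFACE, BLOCK_SECONDS (read)
# Arguments: $1 - destination port, $2 - recent list name, $3 - hit count
# Returns:   0 on success; iptables failures abort the script (set -e)
#######################################
_add_limit() {
  iptables -A "$CHAIN" -i "$IFACE" -p tcp --dport "$1" \
    -m state --state NEW -m recent --set --name "$2"
  iptables -A "$CHAIN" -i "$IFACE" -p tcp --dport "$1" \
    -m state --state NEW -m recent --update --seconds "$BLOCK_SECONDS" \
    --hitcount "$3" --rttl --name "$2" -j DROP
}

#######################################
# Create the blocker chain, fill it, and hook it into INPUT.
# Calling start twice is harmless: an existing chain is left untouched.
# Globals:   CHAIN, FTP_HITCOUNT, SSH_HITCOUNT (read)
# Outputs:   "started" (or "already started") on stdout
# Returns:   0
#######################################
_start() {
  if _chain_exists; then
    echo "already started"
    return 0
  fi
  iptables -N "$CHAIN"
  # Populate the chain before hooking it so packets never see a half-built
  # chain.  If a rule fails to load, the chain is left behind unhooked and
  # "stop" removes it.
  _add_limit 21 FTP "$FTP_HITCOUNT"
  _add_limit 22 SSH "$SSH_HITCOUNT"
  # -j (jump), not --goto: when the chain runs off its end, evaluation
  # RETURNs to INPUT and continues with any rules appended after this one.
  # With --goto the rest of INPUT was skipped and the packet fell straight
  # through to the INPUT policy, so rules added later by other services
  # were never consulted.
  iptables -A INPUT -j "$CHAIN"
  echo "started"
  return 0
}

#######################################
# Unhook, flush and delete the blocker chain.
# Globals:   CHAIN (read)
# Outputs:   "stopped" (or "not started") on stdout
# Returns:   0
#######################################
_stop() {
  if ! _chain_exists; then
    echo "not started"
    return 0
  fi
  # Unhook first so no packet is evaluated against a chain being flushed.
  # Earlier releases of this script hooked the chain with --goto; accept
  # that form too so "stop" works across an upgrade.  A missing hook is not
  # an error here: "iptables -X" below still fails loudly if the chain is
  # referenced from anywhere else.
  iptables -D INPUT -j "$CHAIN" 2>/dev/null \
    || iptables -D INPUT -g "$CHAIN" 2>/dev/null \
    || true
  iptables -F "$CHAIN"
  iptables -X "$CHAIN"
  echo "stopped"
  return 0
}

#######################################
# Show the blocker chain with per-rule counters.
# Globals:   CHAIN (read)
# Outputs:   "status:" followed by the chain listing on stdout
# Returns:   0 when installed, 3 (LSB "not running") when the chain is absent
#######################################
_status() {
  echo "status:"
  if ! _chain_exists; then
    echo "$CHAIN is not installed"
    return 3
  fi
  # -n: no reverse DNS; -v: packet/byte counters show how often each limit
  # has matched, which is the useful "is it doing anything" signal.
  iptables -n -v -L "$CHAIN"
  return 0
}

action=${1:-}
echo "intrusion_blocker $action ..."
case "$action" in
  start)
    _start
    ;;
  stop)
    _stop
    ;;
  status)
    # Propagate the LSB status code instead of the unconditional "exit 0".
    _status || exit $?
    ;;
  restart|reload|force-reload)
    _stop
    _start
    ;;
  *)
    echo "Usage: /etc/init.d/intrusion_blocker {start|stop|status|restart|reload|force-reload}" >&2
    exit 3
    ;;
esac
exit 0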