Skip to content

Instantly share code, notes, and snippets.

@chwnam
Created June 2, 2022 09:06
Show Gist options
  • Save chwnam/25134287e0900b1dd4cffae5a6643119 to your computer and use it in GitHub Desktop.
Save chwnam/25134287e0900b1dd4cffae5a6643119 to your computer and use it in GitHub Desktop.
IP 타임 로그로부터 차단 IP 설정 생성
import sys
def create_iptime_block_rules(ip_range, title_prefix):
output = "Type=firewall # Do not modify\n" + \
"Version=1.0.0 # Do not modify\n" + \
"lang=utf-8 # Do not modify\n\n"
for index, ip in enumerate(ip_range):
output += "[{0} {1}]\n".format(title_prefix, 1 + index)
output += "enable = 1\n"
output += "schedule = 0000000 0000 0000\n"
output += "flag = 0\n"
output += "{\n"
output += "\tdirection = outin\n"
output += "\tsrc_type = ip\n"
output += "\tdest_ip_address = {0}.0-{0}.255\n".format(ip)
output += "\tprotocol = none\n"
output += "\tpolicy = drop\n"
output += "}\n"
return output
if __name__ == '__main__':
ips = set()
for ln in sys.stdin.readlines():
line = ln.strip()
if line.find('잘못된 VPN 계정 또는 암호로 접속을 시도 하였습니다') > -1:
c = line.find(',')
p = line.rfind(')')
if c > -1 and p > -1:
ip = '.'.join(line[c + 2:p].split('.')[0:3])
ips.add(ip)
if ips:
print(create_iptime_block_rules(ips, '차단'))
@chwnam
Copy link
Author

chwnam commented Jun 2, 2022

이렇게 차단해도 로그인 시도는 계속 이뤄집니다. 실패한 방법이지만 기록 삼아 남겨둡니다.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment