Updates APF deny_hosts.rules via InterWorx API
#!/usr/bin/perl -w | |
# deps | |
use strict; | |
use warnings; | |
use Getopt::Std; | |
require RPC::XML; | |
require RPC::XML::Client; | |
use File::Slurp; | |
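# State filled in from the command line.  Getopt::Std stores the raw switch
# values in the package hash %main::options; the lexicals below receive
# copies once the individual switches have been inspected.
my $satisfied = 0;     # bitmask recording which switches were supplied
my $address   = "";    # -a: address of the NodeWorx server
my $email     = "";    # -e: email used for the password login
my $list      = "";    # -f: path of the IP block list
my $port      = "";    # -p: API port

# getopts() returns false when it rejects the command line (for example an
# unknown switch).  Stop here rather than contacting the firewall API with a
# half-parsed set of options.
if (!getopts("ha:s:k:e:p:f:", \%main::options)) {
    print "block_ips perl script could not parse its arguments\n";
    print "Try with -h to see what is required\n";
    exit -1;
}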
# -h wins over every other switch: print the usage text and leave before any
# file is opened or any request is sent.
if (defined $main::options{h}) {
    print <<'END_USAGE';
This program changes a NodeWorx controlled firewall
Required arguments:
 -h see this message
 -a address of the NodeWorx server
 -s file where the super secret password is kept
 -e email of the authorized staffer or bot
 -f file with updated IP block list
 -k path to API key instead of email+pass
Optional settings:
 -p sets a port number, if not set, defaults to 2443
END_USAGE
    exit 0;
}
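# Record which switches were supplied.  Every switch that takes part in the
# "do we have enough to log in" decision owns one power of two, so that
# $satisfied can later be tested against a bitmask.
my @switch_table = (
    [ a => 1,  \$address ],
    [ s => 2,  \$main::secret_file ],
    [ e => 4,  \$email ],
    [ f => 8,  \$list ],
    [ k => 16, \$main::key_file ],
);
for my $entry (@switch_table) {
    my ($flag, $bit, $target) = @{$entry};
    next if !defined $main::options{$flag};
    $satisfied += $bit;
    ${$target} = $main::options{$flag};
}

# -p is optional and does not contribute to $satisfied.
$port = defined $main::options{p} ? $main::options{p} : 2443;

# The port is interpolated into the URL that the credentials are sent to, so
# accept nothing but a plain TCP port number; anything else (a stray path,
# a second host, whitespace) would silently change the request target.
if ($port !~ /\A[0-9]{1,5}\z/ || $port < 1 || $port > 65535) {
    print "block_ips perl script got an invalid port number\n";
    print "Try with -h to see what is required\n";
    exit -1;
}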
# Two switch combinations are acceptable:
#   15 = -a -s -e -f  (address, password file, email, IP list)
#   25 = -a -f -k     (address, IP list, API key file)
my $has_password_login = ($satisfied & 15) == 15;
my $has_key_login      = ($satisfied & 25) == 25;
if (!$has_password_login && !$has_key_login) {
    print "block_ips perl script is missing argument(s)\n";
    print "Try with -h to see what is required\n";
    exit -1;
}
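# Read the IP list we got from our C program.
# The path comes straight from -f, so open it with the three-argument form
# and an explicit read mode.  With two-argument open, mode characters at
# the start or end of the file name are interpreted by Perl instead of
# being treated as part of the name.
open my $ip_list_file, '<', $list or die "Could not open $list: $!\n";
# Lines are kept as read, trailing newlines included.
my @ip_list = readline $ip_list_file;
close $ip_list_file;

# XML-RPC endpoint of the NodeWorx server; -a and -p select host and port.
my $cli = RPC::XML::Client->new("https://$address:$port/xmlrpc");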
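# Build the credential that is passed as the first argument of the API call:
# an email/password struct when -s and -e were given, otherwise the contents
# of the API key file named by -k.  Both files are opened with three-argument
# open so that the paths from the command line are only ever read.
my $apikey;
if (($satisfied & 6) == 6) {
    open my $secret_file_info, '<', $main::secret_file
        or die "Could not open $main::secret_file: $!\n";
    # Only the first line of the file is used as the password.
    my $password = <$secret_file_info>;
    close $secret_file_info;
    # An empty file would otherwise be sent as an empty password.
    defined $password
        or die "Password file $main::secret_file is empty\n";
    chomp $password;
    $apikey = RPC::XML::struct->new({
        'email'    => RPC::XML::string->new("$email"),
        'password' => RPC::XML::string->new("$password"),
    });
}
elsif (($satisfied & 16) == 16) {
    # Slurp the key through the handle that was just opened instead of
    # opening the file a second time.
    open my $key_file_info, '<', $main::key_file
        or die "Could not open $main::key_file: $!\n";
    $apikey = do { local $/; <$key_file_info> };
    close $key_file_info;
    $apikey = '' if !defined $apikey;
    chomp $apikey;
    $apikey ne ''
        or die "API key file $main::key_file is empty\n";
}
else {
    # Not reachable after the argument check, kept so that a request is
    # never sent without a credential.
    die "No credentials supplied\n";
}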
# Call iworx.route with the credential, the firewall controller, the
# allowDenyIps action and the new block list.
# The list is sent as one string: the lines read from the -f file joined
# with single spaces (the lines still carry their newlines).
my $blocked_ips = join q{ }, @ip_list;
my @route_args = (
    $apikey,
    RPC::XML::string->new('/nodeworx/firewall'),
    RPC::XML::string->new('allowDenyIps'),
    RPC::XML::struct->new({
        'name'        => RPC::XML::string->new('blocked_ips'),
        'blocked_ips' => RPC::XML::string->new($blocked_ips),
    }),
);
my $resp = $cli->send_request('iworx.route', @route_args);
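# Report the outcome of the request.
#
# RPC::XML::Client::send_request() returns a plain error string instead of an
# object when the request itself fails, so check for that before calling any
# method on the response.
ref $resp
    or die 'XML-RPC request failed: '
    . (defined $resp ? $resp : 'no response') . "\n";

if ($resp->is_fault) {
    # A fault carries no 'status' key; comparing the missing value with 0
    # would be true and report a rejected update as a success.
    print "Failure!\n";
    print 'XML-RPC fault ', $resp->code, ': ', $resp->string, "\n";
}
else {
    my $results = $resp->value();
    ref $results eq 'HASH'
        or die "Unexpected XML-RPC response from server\n";

    # Status 0 means the API accepted the change; a missing status is
    # treated as a failure.
    if (defined $results->{status} && $results->{status} == 0) {
        print "Success!\n";
    }
    else {
        print "Failure!\n";
    }

    # The payload is either a list of rows or a single message.
    my $payload = $results->{payload};
    if (ref $payload eq 'ARRAY') {
        for my $row (@{$payload}) {
            my @fields = ref $row eq 'ARRAY' ? @{$row} : ($row);
            print "@fields" . "\n";
        }
    }
    else {
        print defined $payload ? $payload : '', "\n";
    }
}
# NOTE(review): the script still exits 0 after printing "Failure!", so a
# caller that only looks at the exit status cannot tell that the block list
# was not applied -- confirm whether callers rely on that before changing it.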