Skip to content

Instantly share code, notes, and snippets.

@jfinstrom
Last active Aug 24, 2020
Embed
What would you like to do?
ipban.org with freepbx firewall **(Untested)**
#!/usr/bin/env php
<?php
$restrict_mods = array('firewall' => true);
$bootstrap_settings['freepbx_auth'] = false;
include '/etc/freepbx.conf';
$freepbx = FreePBX::Create();
$firewall = $freepbx->Firewall;
define('API_KEY', '');
function getBatch($lastid = '')
{
$url = 'https://apiban.org/api/' . API_KEY . '/banned';
if (!empty($lastid)) {
$url = $url . '/' . $lastid;
}
$raw = file_get_contents($url);
$out = json_decode($raw, true);
return $out;
}
$id = '';
$final = [];
while (true) {
$ips = getBatch($id);
echo $ips['ID'] . PHP_EOL;
if ($ips['ID'] == 'none' || !is_array($ips['ipaddress'])) {
break;
}
foreach ($ips['ipaddress'] as $ip) {
$final[] = $ip;
}
$id = $ips['ID'];
}
$blacklist = $firewall->getBlacklist();
foreach ($final as $ip) {
if (!isset($blacklist[$ip])) {
$firewall->addToBlacklist($ip);
}
}
@lgaetz
Copy link

lgaetz commented Aug 22, 2020

The "banned" api endpoint returns lists of max 250 IPs. The code as written will only get the first 250, you would need to get the returned ID on each query and iterate until {"ipaddress":["no new bans"], "ID":"none"} is returned.

@jfinstrom
Copy link
Author

jfinstrom commented Aug 24, 2020

@lgaetz a poc, untested but that should put them all in the FreePBX Firewall without duplicates....

Probably should do some sanity checking like "do we have firewall" etc....

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment