Created
October 5, 2014 20:18
-
-
Save splitice/5db2b95ee7c80587c340 to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/bin/bash | |
#Built during an OVH outage for https://www.x4b.net | |
#Absolutely NO warranty implied | |
#Do not even think of blaming me if something goes wrong | |
#Use at own risk | |
#Requires: curl, prips, openssl, jq | |
#FILL OUT! | |
AK="" | |
AS="" | |
CK="" | |
function SHA1_HEX { | |
echo -n "$1" | openssl dgst -sha1 | |
} | |
function ovh_signature { | |
METHOD="$1" | |
QUERY="$2" | |
BODY="$3" | |
TSTAMP="$4" | |
# echo "$AS+$CK+$METHOD+$QUERY+$BODY+$TSTAMP" > /tmp/test | |
SIGNATURE=$(SHA1_HEX "$AS+$CK+$METHOD+$QUERY+$BODY+$TSTAMP") | |
echo -n '$1$' | |
echo $SIGNATURE | awk '{print $2}' | |
} | |
# args: | |
# 1. method | |
# 2. query | |
# 3. body | |
function ovh_call_api { | |
METHOD="$1" | |
QUERY="$2" | |
BODY="$3" | |
TS=$(date +%s) | |
SIG=$(ovh_signature "$1" "$2" "$3" "$TS") | |
curl -s -H 'X-Ovh-Application:'$AK \ | |
-H 'X-Ovh-Timestamp:'$TS \ | |
-H 'X-Ovh-Signature:'$SIG \ | |
-H 'X-Ovh-Consumer:'$CK \ | |
$QUERY | |
} | |
function ovh_post_api { | |
METHOD="$1" | |
QUERY="$2" | |
BODY="$3" | |
TS=$(date +%s) | |
SIG=$(ovh_signature "$1" "$2" "$3" "$TS") | |
curl -v -X$METHOD -s -H 'X-Ovh-Application:'$AK \ | |
-H 'X-Ovh-Timestamp:'$TS \ | |
-H 'X-Ovh-Signature:'$SIG \ | |
-H 'X-Ovh-Consumer:'$CK \ | |
-H 'Content-Type:application/json;charset=UTF-8' \ | |
-d "$BODY" \ | |
$QUERY | |
} | |
function rawurlencode() { | |
local string="${1}" | |
local strlen=${#string} | |
local encoded="" | |
for (( pos=0 ; pos<strlen ; pos++ )); do | |
c=${string:$pos:1} | |
case "$c" in | |
[-_.~a-zA-Z0-9] ) o="${c}" ;; | |
* ) printf -v o '%%%02x' "'$c" | |
esac | |
encoded+="${o}" | |
done | |
echo "${encoded}" # You can either set a return variable (FASTER) | |
REPLY="${encoded}" #+or echo the result (EASIER)... or both... :p | |
} | |
ip="$1" | |
BLOCK="" | |
IPS=$(ovh_call_api GET https://api.ovh.com/1.0/ip | jq '.[]' --raw-output) | |
while read -r line; do | |
if [[ $(echo "$line" | grep $ip) ]]; then | |
BLOCK="$line" | |
elif [[ $(prips "$line" 2>/dev/null | grep $ip) ]]; then | |
BLOCK="$line" | |
fi | |
done <<< "$IPS" | |
if [[ "x$BLOCK" == "x" ]]; then | |
exit | |
fi | |
ovh_post_api PUT https://api.ovh.com/1.0/ip/$(rawurlencode $BLOCK)/mitigation/$(rawurlencode $ip) '{"permanent":false}' |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment