Subj : Bink Block
To   : All
From : Warpslide
Date : Mon Nov 25 2024 11:20 am

Scenario:  You belong to a network but decide to drop it.  You've sent your hub a netmail & email letting them know.  Even though two years have gone by they constantly try to poll you.

You netmail and email again & again, never receiving a response yet they still poll your system, sometimes hundreds of times a day, each time with a password error.

Solution?  Block their ass!


Create an IP set to store ip addresses:
ipset -N block4 hash:net
ipset -N block6 hash:net family inet6

Add lines to firewall to block referenced IP sets:
iptables -A INPUT -p all -m set --match-set block4 src -j DROP
ip6tables -A INPUT -p all -m set --match-set block6 src -j DROP


Automatically block them each time they poll you after their IP changes:

#!/bin/bash
BINKLOG="/path/to/binkd.log"

# Find the latest log entry matching the pattern (use only one)

# If using SysOp name:
getpoll=$(tac "$BINKLOG" | grep -m 1 "ZYZ John Doe$")

# If using ftn address:
#getpoll=$(tac "$BINKLOG" | grep -m 1 "addr: 21:3/999@fsxnet$")


if [[ -n $getpoll ]]; then
 # Extract the PID from the log entry using Bash string manipulation
 pollpid="${getpoll#*[}"
 pollpid="${pollpid%%]*}"

 # Find the full log entry associated with the PID
 poll=$(grep "\[$pollpid\] incoming session with" "$BINKLOG")

 ip=$(echo "$poll" | sed -n 's/.*\[\([^]]*\)\]$/\1/p')

 # Extract the IPv4 address from the log entry
 if [[ "$ip" =~ ^([0-9]{1,3}\.){3}[0-9]{1,3}$ ]]; then

  # Convert to CIDR format
  cidr="${ip%.*}.0/24"

  # Check if the CIDR is already in the block4 IP set
  if ! sudo ipset test block4 "$cidr" >/dev/null 2>&1; then
   # Add the CIDR to the block4 IP set and save changes
   sudo ipset add block4 "$cidr"
   sudo ipset save > /etc/iptables/ipsets
  fi

 elif [[ "$ip" =~ ^([0-9a-fA-F]{1,4}:){7}[0-9a-fA-F]{1,4}$ || "$ip" == *"::"* ]]; then

  # Convert to CIDR format
  cidr=`echo "$ip" | cut -d: -f1-4`\:\:\/64

  # Check if the CIDR is already in the block6 IP set
  if ! sudo ipset test block6 "$cidr" >/dev/null 2>&1; then
   # Add the CIDR to the block6 IP set and save changes
   sudo ipset add block6 "$cidr"
   sudo ipset save > /etc/iptables/ipsets
  fi
 fi
fi

You can also get a copy from:
https://nrbbs.net/binkblock.sh.txt


Jay

.... If you can't learn to do it well, learn to enjoy doing it badly

--- Mystic BBS v1.12 A49 2024/05/29 (Linux/64)
 * Origin: Northern Realms (21:3/110)

.