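#!/bin/bash
#created by tylern
#todo factor in iptables-legacy for g4 and newer dedis.
#
# allfw - allow, deny or look up a single IPv4 address (or IPv4/CIDR) across
# the firewalls this script knows about on a cPanel server: cPHulk, CSF or
# APF, and Imunify360 when /etc/imunify360/ exists.
#
# Usage: allfw <allow|deny|view> <ip_address>
#
# Every firewall step is best-effort: a failing tool does not abort the run,
# but it is reported on stderr so a silent failure is not mistaken for a
# successful allow or deny.
set -euo pipefail

# Colors
readonly GREEN='\033[0;32m'
readonly NC='\033[0m' # No Color
readonly RED='\033[0;31m'
readonly YELLOW='\033[0;33m'

# Verify this is a cPanel server (allow help to run regardless)
if [[ ! -d /usr/local/cpanel ]]; then
  if [[ "${1:-}" != "-h" && "${1:-}" != "--help" && "${1:-}" != "help" ]]; then
    echo -e "${RED}Error: This script requires cPanel. /usr/local/cpanel not found.${NC}" >&2
    exit 1
  fi
fi

#######################################
# Print a warning on stderr.
# Arguments: $* - message text
#######################################
warn() {
  echo -e "${YELLOW}Warning: $*${NC}" >&2
}

#######################################
# Check that a string is a dotted-quad IPv4 address, optionally with a CIDR
# prefix length.
# Arguments: $1 - candidate address
# Returns:   0 if every octet is 0-255 and the prefix (if any) is 0-32,
#            1 otherwise
#######################################
is_valid_ip() {
  local ip="${1:-}"
  local re='^([0-9]{1,3})\.([0-9]{1,3})\.([0-9]{1,3})\.([0-9]{1,3})(/([0-9]{1,2}))?$'
  local i

  [[ "$ip" =~ $re ]] || return 1

  # The shape check alone lets 999.999.999.999/99 through; bound each field.
  # 10# forces base 10 so an octet such as 08 is not rejected as bad octal.
  for i in 1 2 3 4; do
    ((10#${BASH_REMATCH[i]} <= 255)) || return 1
  done
  if [[ -n "${BASH_REMATCH[6]:-}" ]]; then
    ((10#${BASH_REMATCH[6]} <= 32)) || return 1
  fi

  # NOTE(review): leading zeros (010.0.0.1) are still accepted, as before;
  # some address parsers read such octets as octal - confirm how the
  # firewall tools called below treat them.
  # NOTE(review): very short prefixes such as /0 are syntactically valid and
  # pass this check, so "allow x.x.x.x/0" reaches every firewall unchanged.
  return 0
}

#######################################
# Validate the address argument shared by allow/deny/view.
# Arguments: $1 - address given on the command line (may be empty)
# Outputs:   error message on stderr when the argument is missing or invalid
# Returns:   0 if usable, 1 otherwise
#######################################
require_ip() {
  if [[ -z "${1:-}" ]]; then
    echo -e "${RED}Error: No IP address provided${NC}" >&2
    return 1
  fi
  if ! is_valid_ip "$1"; then
    # The rejected value is attacker- or typo-controlled: print it with %s so
    # backslash escapes in it are not interpreted by the terminal output.
    printf '%bError: Invalid IP address format: %s%b\n' "$RED" "$1" "$NC" >&2
    return 1
  fi
}

#######################################
# Run one firewall command as a best-effort step.
# The command's stderr is discarded (as the script always did), but a
# non-zero exit status is reported instead of being swallowed.
# Arguments: $1 - label used in the warning, $2... - command and arguments
# Returns:   always 0, so one failing tool does not stop the others
#######################################
run_step() {
  local label="$1"
  shift
  local rc=0

  "$@" 2>/dev/null || rc=$?
  if ((rc != 0)); then
    warn "${label} failed (exit ${rc}); this change may not have been applied"
  fi
  return 0
}

#######################################
# Print the last two lines of a log that mention an address.
# Arguments: $1 - log file, $2 - address (fixed string),
#            $3 - optional extended regex the line must also match
# Outputs:   matching lines on stdout; nothing if the file is absent
# Returns:   always 0
#######################################
search_log() {
  local file="$1" ip="$2" filter="${3:-}"

  [[ -f "$file" ]] || return 0
  # grep -F is a substring match: 1.2.3.4 also hits 11.2.3.4 and 1.2.3.40,
  # so results need a visual check before acting on them.
  if [[ -n "$filter" ]]; then
    grep -F -- "$ip" "$file" | grep -E -- "$filter" | tail -n2 || true
  else
    grep -F -- "$ip" "$file" | tail -n2 || true
  fi
}

#######################################
# Whitelist an address in cPHulk, CSF or APF, and Imunify360 if present.
# Arguments: $1 - IPv4 address or IPv4/CIDR
# Returns:   1 on a missing/invalid address, otherwise 0 (steps are
#            best-effort; failures are warned about, not fatal)
#######################################
allow_ip() {
  require_ip "${1:-}" || return 1
  local ip="$1"

  echo -e "\n${GREEN}Whitelisting $ip in.....${NC}"

  #see https://api.docs.cpanel.net/openapi/whm/operation/flush_cphulk_login_history_for_ips/
  echo -e "\n${GREEN}...Cphulk Firewall${NC}"
  run_step "cPHulk login history flush" \
    whmapi1 flush_cphulk_login_history_for_ips ip="$ip"
  run_step "cPHulk whitelist" /scripts/cphulkdwhitelist "$ip"

  # No csf.conf is taken to mean APF is the firewall in use.
  if [[ -f /etc/csf/csf.conf ]]; then
    echo -e "\n${GREEN}...CSF${NC}"
    run_step "CSF allow" csf -a "$ip"
  else
    echo -e "\n${GREEN}...APF${NC}"
    run_step "APF allow" apf -a "$ip"
  fi

  #imunify blocks
  #https://docs.imunify360.com/command_line_interface/#whitelist
  if [[ -d /etc/imunify360/ ]]; then
    echo -e "\n${GREEN}...Imunify360${NC}"
    run_step "Imunify360 whitelist" imunify360-agent whitelist ip add "$ip"
  fi
}

#######################################
# Blacklist an address in cPHulk, CSF or APF, and Imunify360 if present.
# Arguments: $1 - IPv4 address or IPv4/CIDR
# Returns:   1 on a missing/invalid address, otherwise 0 (steps are
#            best-effort; failures are warned about, not fatal)
#######################################
deny_ip() {
  require_ip "${1:-}" || return 1
  local ip="$1"
  local out rc=0

  echo -e "\n${RED}Blacklisting $ip in.....${NC}"

  #see https://api.docs.cpanel.net/openapi/whm/operation/flush_cphulk_login_history_for_ips/
  echo -e "\n${RED}...Cphulk Firewall${NC}"
  run_step "cPHulk login history flush" \
    whmapi1 flush_cphulk_login_history_for_ips ip="$ip"

  # Only the output lines naming the address are shown, as before; the exit
  # status is checked separately so a failed blacklist call is not hidden
  # behind the grep.
  out=$(/scripts/cphulkdblacklist "$ip" 2>/dev/null) || rc=$?
  if ((rc != 0)); then
    warn "cPHulk blacklist failed (exit ${rc}); this change may not have been applied"
  fi
  grep -F -- "$ip" <<<"$out" || true

  # No csf.conf is taken to mean APF is the firewall in use.
  if [[ -f /etc/csf/csf.conf ]]; then
    echo -e "\n${RED}...CSF${NC}"
    run_step "CSF deny" csf -d "$ip"
  else
    echo -e "\n${RED}...APF${NC}"
    run_step "APF deny" apf -d "$ip"
  fi

  #imunify blocks
  #https://docs.imunify360.com/command_line_interface/#blacklist
  if [[ -d /etc/imunify360/ ]]; then
    echo -e "\n${RED}...Imunify360${NC}"
    run_step "Imunify360 blacklist" imunify360-agent blacklist ip add "$ip"
  fi
}

#######################################
# Search cPHulk records, service logs, firewall lists and iptables for an
# address, printing at most the last two hits per log file.
# Arguments: $1 - IPv4 address or IPv4/CIDR (matched as a fixed substring,
#            so a CIDR argument only matches where it appears literally)
# Returns:   1 on a missing/invalid address, otherwise 0
#######################################
view_ip() {
  require_ip "${1:-}" || return 1
  local ip="$1"
  local logfile

  echo -e "\n${YELLOW}Looking for $ip in.....${NC}\n"

  #https://api.docs.cpanel.net/openapi/whm/operation/read_cphulk_records/
  echo -e "\n${YELLOW}cPHulk Blacklist${NC}"
  whmapi1 read_cphulk_records list_name='black' 2>/dev/null | grep -F -- "$ip" || true
  echo -e "\n${YELLOW}cPHulk Whitelist${NC}"
  whmapi1 read_cphulk_records list_name='white' 2>/dev/null | grep -F -- "$ip" || true

  echo -e "\n${YELLOW}Fail2ban${NC}"
  search_log /var/log/fail2ban.log "$ip"

  echo -e "\n${YELLOW}SSH/FTP${NC}"
  search_log /var/log/messages "$ip"
  search_log /var/log/secure "$ip"

  echo -e "\n${YELLOW}LFD${NC}"
  search_log /var/log/lfd.log "$ip"

  echo -e "\n${YELLOW}Email Logins${NC}"
  search_log /var/log/maillog "$ip" 'auth failed'
  #failing exim
  search_log /var/log/exim_mainlog "$ip" 'authenticator failed'

  #Modsec blocks
  echo -e "\n${YELLOW}ModSecurity${NC}"
  search_log /usr/local/apache/logs/error_log "$ip" 'id "(13052|13051|13504|90334)"'

  #cPanel blocks
  echo -e "\n${YELLOW}cPanel${NC}"
  for logfile in \
    /usr/local/cpanel/logs/access_log \
    /usr/local/cpanel/logs/login_log \
    /usr/local/cpanel/logs/error_log; do
    search_log "$logfile" "$ip" 'FAILED LOGIN'
  done

  #apf/csf logs, requires root
  echo -e "\n${YELLOW}CSF/APF${NC}"
  grep -F -- "$ip" /etc/*/*allow* /etc/*/*deny* 2>/dev/null | tail -n2 || true

  echo -e "\n${YELLOW}iptables${NC}"
  iptables -L -n 2>/dev/null | grep -F -- "$ip" || true
}

#######################################
# Print usage, the logs the view command searches, and documentation links.
# Outputs: help text on stdout
#######################################
show_help() {
  cat << 'EOF'
allfw - Unified firewall management for cPanel servers

USAGE
    allfw <command> <ip_address>

COMMANDS
    allow <IP>    Whitelist an IP across all firewalls (CSF/APF, cPHulk, Imunify360)
    deny <IP>     Blacklist an IP across all firewalls
    view <IP>     Search logs to find why an IP was blocked (read-only)

EXAMPLES
    allfw allow 192.168.1.100
    allfw deny 10.0.0.50
    allfw view 203.0.113.25

LOGS SEARCHED (view command)
    cPHulk:       whmapi1 read_cphulk_records
    Fail2Ban:     /var/log/fail2ban.log
    SSH/FTP:      /var/log/messages, /var/log/secure
    LFD:          /var/log/lfd.log
    Email:        /var/log/maillog
    Exim:         /var/log/exim_mainlog
    ModSecurity:  /usr/local/apache/logs/error_log
    cPanel:       /usr/local/cpanel/logs/access_log, login_log, error_log
    CSF/APF:      /etc/*/*allow*, /etc/*/*deny*
    iptables:     iptables -L -n

DOCUMENTATION
    CSF:      https://support.cpanel.net/hc/en-us/articles/360058211754
    cPHulk:   https://docs.cpanel.net/knowledge-base/security/cphulk-management-on-the-command-line/
    Imunify:  https://docs.imunify360.com/command_line_interface/#whitelist
EOF
}

case "${1:-}" in
  allow)
    allow_ip "${2:-}"
    ;;
  view)
    view_ip "${2:-}"
    ;;
  deny)
    deny_ip "${2:-}"
    ;;
  -h | --help | help | "")
    show_help
    ;;
  *)
    # A mistyped command (e.g. "dney") used to print help and exit 0, which a
    # wrapper or operator could read as a successful block. Fail instead.
    printf '%bError: Unknown command: %s%b\n' "$RED" "$1" "$NC" >&2
    show_help >&2
    exit 2
    ;;
esac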