Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- Esta herramienta se baja todo bloques de red de acceso y bloqueo de Facebook al sitio vía IPTables.
- ----------------------------------------------------------------------------------------------------------
- #!/bin/bash
- #
- #############################################################################
- #
- # Copyright (C) 2012 Alexandru Cuciureanu
- #
- # This program is free software: you can redistribute it and/or modify
- # it under the terms of the GNU General Public License as published by
- # the Free Software Foundation, either version 3 of the License, or
- # (at your option) any later version.
- #
- # This program is distributed in the hope that it will be useful,
- # but WITHOUT ANY WARRANTY; without even the implied warranty of
- # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- # GNU General Public License for more details.
- #
- # You should have received a copy of the GNU General Public License
- # along with this program. If not, see <http://www.gnu.org/licenses/>.
- #
- #############################################################################
- IPT="iptables"
- BACKUP_FILENAME="iptables.backup.$(date +"%d%m%y%H%M%S")"
- RULE_TAG="ANTI-FACEBOOK-RULE"
- IPTABLES_RULE_FILENAME="iptables"
- # clear up the screen and showoff the brand
- clear
- echo ' ___________ '
- echo -e ' |.---------.| \e[1;41m_____,BAN FACEBOOK SSL,____\e[00m'
- echo -e ' || || \e[1;41m ! TO EMPLOYERS ONLY ! \e[00m '
- echo -e ' || \e[1;33m BFSSL \e[00m || '
- echo -e ' || || \e[1;32mTHIS WILL INCREASE THE PRODUCTIVITY\e[00m '
- echo -e ' |`---------' '| \e[1;32mDROP THE ACCESS THROUGH SSL TO FACEBOOK!\e[00m '
- echo ' `)__ ____(; '
- echo ' [=== -- o ]--. author: Alexandru Cuciureanu '
- echo ' __' '---------' '__ \ greetings to: Gabriel Buleac (best sysadmin) '
- echo ' [::::::::::: :::] ) '
- echo ' `"""""""""""""`/T\ contact me: alexandru.cuciureanu[at]gmail.com '
- echo ' \_/ '
- echo
- # dumping the ip4v classes of Facebook.com
- echo -ne "[+] Welcome to BAN FACEBOOK SSL !!!\n"
- # Checking if the Linux distro is CentOS
- echo -n "[*] Verifying if this is CentOS..."
- if cat /etc/*-release | grep CentOS >/dev/null 2>&1 ; then
- echo -e "\t[\e[01;32mVERSION OK\e[00m]"
- else
- echo -e "\t[\e[01;31mThis is NOT CentOS\e[00m]"
- exit 1
- fi
- # Checking if there's wget installed on the machine, otherwise
- # BAN-FACEBOOK-SSL will install it for the user
- hash wget &> /dev/null
- if [ $? -eq 1 ]; then
- echo -ne "\tInstalling wget on your machine..."
- yum -q -y install wget
- if (( !$? )); then
- echo -e "\t[\e[01;32mDONE\e[00m]"
- else
- echo -e "\t[\e[01;31mFAILED\e[00m]"
- echo -n "Please install wget to make BAN FACEBOOK SSL work. :)"
- exit 1
- fi
- fi
- echo -n "[+] Downloading the classes of Facebook.com..."
- wget -q -O ipv4_fb_classes.yaml http://stat.ripe.net/data/prefix-list/AS32934
- if (( $? )); then
- echo -e "\t[\e[01;31mFAILED\e[00m]"
- exit 1
- else
- echo -e "\t[\e[01;32mDONE\e[00m]"
- fi
- echo -ne "\t[~] Dumping classes..."
- cat ipv4_fb_classes.yaml | grep -Eo '([0-9]{1,3}\.){3}[0-9]{1,3}/[0-9]{1,3}' > ipv4_fb_classes.res
- if (( !$? )); then
- echo -e "\t[\e[01;32mDONE\e[00m]"
- else
- echo -e "\t[\e[01;31mFAILED\e[00m]"
- exit 1
- fi
- rm -rf ipv4_fb_classes.yaml
- ###############################################################
- if [ -f $IPTABLES_RULE_FILENAME ]; then
- #check if Anti-Facebook RULE is applied
- if grep -q "ANTI-FACEBOOK-RULE" iptables.save
- then
- echo -e "\e[41m\e[1;37mAnti\e[00m\e[44mFacebook\e[00m \e[01;32mSSL Rules are applied!\e[00m"
- exit 1
- fi
- fi
- # let's backup iptables.conf to the local folder
- echo -en "\n[+] Creating backup of iptables.conf to the local folder..."
- iptables-save > backups/$BACKUP_FILENAME
- echo -e "\t[\e[01;32mDONE\e[00m]"
- # setting rules for iptables to DROP the Facebook classes
- ipv4_class_dump=( $(< "ipv4_fb_classes.res" ) )
- ipv4_class_dump_size="${#ipv4_class_dump[@]}"
- if ! iptables -L "ANTI-FACEBOOK-CHAIN" -n >/dev/null 2>&1 ; then
- echo -ne "\t\e[-1;31m[!] ANTI-FACEBOOK-CHAIN doesn't exist!\e[00m\n"
- sleep 0.5
- echo -ne "\t[>] Creating ANTI-FACEBOOK-CHAIN..."
- iptables -N "ANTI-FACEBOOK-CHAIN" >/dev/null 2>&1
- if (( !$? )); then
- echo -e "\t[\e[01;32mDONE\e[00m]"
- iptables -t filter -A OUTPUT -j ANTI-FACEBOOK-CHAIN #adding a jump to our ANTI-FACEBOOK-CHAIN
- echo -ne "\t[+] Adding the jump to our ANTI-FACEBOOK-CHAIN..."
- if (( !$? )) ; then
- echo -e "\t[\e[01;32mDONE\e[00m]"
- else
- echo -e "\t[\e[01;31mFAILED\e[00m]"
- fi
- else
- echo -e "\t[\e[01;31mFAILED\e[00m]"
- echo -ne "FAILED to write the ANTI-FACEBOOK-CHAIN in iptables."
- exit 1
- fi
- else
- echo -ne "{!} There are ANTI-FACEBOOK-RULEs applied already.\nPlease double check and try again!\n"
- rm -rf ipv4_fb_classes.res
- exit 1
- fi
- for ((i=0;i<$ipv4_class_dump_size;i++));
- do
- echo -ne "\t[+] Setting up blocking rule for class" ${ipv4_class_dump[${i}]}
- $IPT -A ANTI-FACEBOOK-CHAIN -p tcp --destination ${ipv4_class_dump[${i}]} --dport 443 -m comment --comment "ANTI-FACEBOOK-RULE" -j DROP
- sleep 0.10
- if (( !$? )); then
- echo -e "\t[\e[01;32mOK\e[00m]"
- else
- echo -e "\t[\e[01;31mFAILED\e[00m]"
- fi
- done
- rm -rf ipv4_fb_classes.res
- # do you want to save iptables?
- echo -n "Would you like to save iptables? (y/n) "
- read yn
- if [ "$yn" == "y" ] ; then
- echo -ne "\t[+] Initiating iptables-save..."
- ## service iptables save
- echo -e "\t[\e[01;32mPROCEEDING\e[00m]"
- service iptables save
- echo -n "Do you want to restart your firewall now? (y/n) "
- read restartfwyn
- if [ "$restartfwyn" == "y" ] ; then
- service iptables restart
- fi
- else
- echo -ne "GoodBye!\n"
- exit 1
- fi
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
