- #!/bin/sh
- #
- # p2partisan v5.01 (04/04/2015) BETA
- #
- # <CONFIGURATION> ###########################################
- # Adjust location where the files are kept
- P2Partisandir=/cifs1/p2partisan
- #
- # Enable logging? Use only for troubleshooting. 0=off 1=on
- syslogs=1
- # Maximum number of logs to be recorded in a given 60 min
- # Consider set this very low (like 3 or 6) once your are
- # happy with the installation. To troubleshoot blocked
- # connection close all the secondary traffic e.g. p2p
- # and try a connection to the blocked site/port you should
- # find a reference in the logs.
- maxloghour=1
- #
- # Ports to be whitelisted. Whitelisted ports will never be
- # blocked no matter what the source/destination IP is.
- # This is very important if you're running a service like
- # e.g. SMTP/HTTP/IMAP/else. Separate value in the list below
- # with commas - NOTE: It is suggested to leave the following ports
- # always on as a minimum:
- # tcp:43,80,443
- # udp:53,67,68,123,1194:1196
- # you might want to append remote admin and VPN ports, and
- # anything else you think it's relevant.
- # Standard iptables syntax, individual ports divided by "," and ":" to
- # define a range e.g. 80,443,2100:2130. Do not whitelist you P2P client!
- #whiteports=21,25,44,53,80,123,443,465,993,1194:1197,1723,3658,4000:4200,4380,5730:5739,6665:6670,8080,8800:8899,14020,27000:27050
- whiteports_tcp=25,43,44,80,443,465,993,3658,4000:4200,4380,5730:5739,6665:6670,8080,8800:8899,14020,27000:27050
- whiteports_udp=44,53,123,1194:1197,1723,3658,4000:4200,4380,5730:5739,6665:6670,8800:8899,14020,27000:27050
- #
- # Greyports are port/s you absolutely want to filter against lists.
- # Think of an Internet host that has its P2P client set on port 53 UDP.
- # If you have the DNS port is in the whiteports_udp then P2Partisan would
- # be completely bypassed. Internet-client:53 -> your-client:"P2Pport""
- # greyport is in a nutshell a list of port/s used by your LAN P2Pclient/s.
- # It's suggested you disable random port on your P2Pclient and add the
- # client port/s here. NOTE:
- # Accepted syntax: single port, multiple ports and ranges e.g.
- # greyports=22008,6789
- # the above would grey list 22008 and 6789. Don't know your client port?
- # try ./p2partisan.sh detective
- greyports_tcp=22008
- greyports_udp=22008
- #
- # Greyline is the limit of connections per given "IP:port" above which
- # Detective becomes suspicious. NOTE: This counts 1/2 of the sessions the
- # router actually reports on because of the NAT implication. So this number
- # represents the session as seen on the LAN client. Affects detective only.
- greyline=100
- #
- # Fastrouting will process the IP classes very quickly but use
- # Lot of resources. If you disable the effect is transparent
- # but the full process will take minutes rather than seconds
- # 0=disabled 1=enabled
- fastroutine=1
- #
- # Enable check on script availability to help autorun.
- # If the ./partisan.sh is remote wait for the file to be available
- # instead of quit with a file missing error
- autorun_availability_check=1
- #
- # Schedule updates? (once a week is plenty). Custom syntax:
- # m = random minute picked up in the range[0-59]
- # h = random hour picked up in the range [1-5]am
- # d = random day of the week picked up in the range Sun to Sat [0-6]
- # if unwanted set your own specific time e.g.
- # "30 4 * * 1" 4:30 on a Monday
- # or use a combination e.g. random minute at 1am on a Tuesday:
- # "m 1 * * 3"
- # Specify this always in between "" please
- schedule="m h * * d"
- #
- # IP for testing Internet connectivity
- testip=8.8.8.8
- # </CONFIGURATION> ###########################################
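# Start-up: wait for connectivity, enter the working directory and read the
# runtime facts (version, interfaces, timestamp) used by every sub-command.

# Number of lines in the ruleset mentioning PARANOIA. When at least one is
# present the connectivity wait is skipped.
paranoiastuck=$(iptables -L | grep -c PARANOIA)
if [ "$paranoiastuck" -lt 1 ]; then
  # Wait until Internet is available
  until ping -c 3 "$testip" > /dev/null 2>&1; do
    sleep 5
  done
fi

pidfile="/var/run/p2partisan.pid"

# Everything below works on relative paths (./iptables-del, ./*.gz, blacklists,
# rm of generated files), so refuse to carry on from the wrong directory.
cd "$P2Partisandir" || {
  echo "P2Partisan: cannot enter $P2Partisandir" >&2
  exit 1
}

version=$(head -3 ./p2partisan.sh | tail -1 | cut -f 3- -d " ")
alias ipset='/bin/nice -n19 /usr/sbin/ipset'
alias sed='/bin/nice -n19 /bin/sed'
alias iptables='/usr/sbin/iptables'
alias service='/sbin/service'
alias plog='logger -t "| P2PARTISAN" -s'
now=$(date +%s)
wanif=$(nvram get wan_ifname)
lanif=$(nvram get lan_ifname)

# DHCP hardcoded patch: make sure UDP 67 and 68 are always whitelisted.
# The list is wrapped in delimiters (and ":" folded into ",") so a port is
# also recognised when it is the first or the last entry; the previous
# pattern needed a delimiter on both sides and appended duplicates.
udp_ports_csv=",$(echo "$whiteports_udp" | tr ':' ','),"
p1=0
p2=0
case "$udp_ports_csv" in *,67,*) p1=1 ;; esac
case "$udp_ports_csv" in *,68,*) p2=1 ;; esac
if [ "$p1" -eq 0 ]; then
  whiteports_udp=${whiteports_udp:+${whiteports_udp},}67
fi
if [ "$p2" -eq 0 ]; then
  whiteports_udp=${whiteports_udp:+${whiteports_udp},}68
fi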
# Soft stop: run the generated ./iptables-del script and remove the pid file
# and the generated iptables-add / iptables-del scripts. Does nothing (and
# exits the whole script) while /tmp/p2partisan.loading exists.
psoftstop() {
  if [ -f /tmp/p2partisan.loading ]; then
    echo "P2Partisan is still loading. Can't stop right now Exiting..." && exit
  fi
  echo -e "
+------------------------- P2Partisan --------------------------+
| _______ __
| | __| |_.-----.-----.
| |__ | _| _ | _ |
| Soft |_______|____|_____| __|
| |__|
|
+---------------------------------------------------------------+"
  echo -e "| Stopping P2Partisan..."
  # Failures of the removal script are deliberately not shown.
  ./iptables-del 2> /dev/null
  plog "Stopping P2Partisan..."
  for stale_file in $pidfile iptables-add iptables-del; do
    if [ -f "$stale_file" ]; then
      rm -f "$stale_file" 2> /dev/null
    fi
  done
  echo "+---------------------------------------------------------------+"
}
# Install the temporary "paranoia" block.
# Creates the PARANOIA-DROP chain, fills it with ACCEPT rules for the
# whitelisted TCP/UDP ports and for destinations in the "whitelist" ipset,
# then a rate-limited LOG rule and a final DROP, and finally inserts a jump
# to it at position 1 of wanin, wanout, INPUT and OUTPUT for NEW connections
# on $wanif.
# Globals read: whiteports_tcp, whiteports_udp, maxloghour, wanif.
#
# NOTE(review): whitelisted ports are accepted on the source side (--sports)
# as well as the destination side, so a remote peer that picks a whitelisted
# source port is exempt from the block; the configuration comments describe
# the same bypass for UDP 53.
# NOTE(review): almost every iptables call discards stderr, so a rule that
# fails to load (for instance because the "whitelist" set does not exist
# yet) is skipped silently while the final DROP is still appended.
pblock() {
  plog "P2PArtisan: Applying paranoia block"
  iptables -N PARANOIA-DROP 2> /dev/null
  # The awk program re-chunks the comma-separated list: ranges (entries
  # containing ":") are emitted in groups of 7, single ports in groups of 15,
  # and the leftovers are merged into one line when that line stays under 15
  # delimiters. Presumably this keeps each rule within the multiport match's
  # port limit - TODO confirm against the router's iptables build.
  echo $whiteports_tcp | awk -v RS=',' -F : '{ gsub(/\n$/, "") } NF > 1 { r=(r ? r "," : "") $0; if (r ~ /([^,]*,){6}/) { print r; r=""; } next } { s=(s ? s "," : "") $0; if (s ~ /([^,]*,){14}/) { print s; s=""; } } END { if (r && s) { p = r "," s; if (p !~ /([^,:]*[:,]){15}/) { print p; r=s="" } } if (r) print r ; if (s) print s }' | while read w; do
    echo "| loading whitelisted ports $w exemption for paranoia-update"
    iptables -A PARANOIA-DROP -p tcp --match multiport --sports $w -j ACCEPT 2> /dev/null
    iptables -A PARANOIA-DROP -p tcp --match multiport --dports $w -j ACCEPT 2> /dev/null
  done
  # Same chunking for the UDP whitelist.
  echo $whiteports_udp | awk -v RS=',' -F : '{ gsub(/\n$/, "") } NF > 1 { r=(r ? r "," : "") $0; if (r ~ /([^,]*,){6}/) { print r; r=""; } next } { s=(s ? s "," : "") $0; if (s ~ /([^,]*,){14}/) { print s; s=""; } } END { if (r && s) { p = r "," s; if (p !~ /([^,:]*[:,]){15}/) { print p; r=s="" } } if (r) print r ; if (s) print s }' | while read w; do
    echo "| loading whitelisted UDP ports $w exemption"
    iptables -A PARANOIA-DROP -p udp --match multiport --sports $w -j ACCEPT 2> /dev/null
    iptables -A PARANOIA-DROP -p udp --match multiport --dports $w -j ACCEPT 2> /dev/null
  done
  # Destinations listed in the "whitelist" ipset are always allowed.
  iptables -A PARANOIA-DROP -m set --set whitelist dst -j ACCEPT 2> /dev/null
  # Log at most $maxloghour entries per hour (burst of 5) before dropping.
  iptables -A PARANOIA-DROP -m limit --limit $maxloghour/hour --limit-burst 5 -j LOG --log-prefix "P2Partisan DROP (PARANOIA) >> " --log-level 1 2> /dev/null
  iptables -A PARANOIA-DROP -j DROP
  # Hook the chain in front of everything else, for new connections only.
  iptables -I wanin 1 -i $wanif -m state --state NEW -j PARANOIA-DROP 2> /dev/null
  iptables -I wanout 1 -o $wanif -m state --state NEW -j PARANOIA-DROP 2> /dev/null
  iptables -I INPUT 1 -i $wanif -m state --state NEW -j PARANOIA-DROP 2> /dev/null
  iptables -I OUTPUT 1 -o $wanif -m state --state NEW -j PARANOIA-DROP 2> /dev/null
}
# Remove the paranoia block: delete every jump to PARANOIA-DROP from wanin,
# wanout, OUTPUT and INPUT (in that order), then flush and delete the chain.
# Each chain is re-listed after every delete, so the loop keeps going for as
# long as the listing still mentions PARANOIA-DROP.
punblock() {
  for unblock_spec in "wanin -i" "wanout -o" "OUTPUT -o" "INPUT -i"; do
    unblock_chain=${unblock_spec% *}
    unblock_flag=${unblock_spec#* }
    while iptables -L "$unblock_chain" 2> /dev/null | grep "PARANOIA-DROP" > /dev/null 2>&1; do
      iptables -D "$unblock_chain" "$unblock_flag" $wanif -m state --state NEW -j PARANOIA-DROP > /dev/null 2>&1
    done
  done
  # Only log the removal when the flush actually succeeded.
  if iptables -F PARANOIA-DROP 2> /dev/null; then
    plog "P2PArtisan: Removing paranoia block"
  fi
  iptables -X PARANOIA-DROP 2> /dev/null
}
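# Hard stop: unhook and delete every P2PARTISAN chain, flush and destroy the
# ipsets, remove the generated scripts, markers and downloaded lists, and
# unload the ipset kernel modules.
# Globals read: wanif, pidfile. Files touched: the working directory and
# /tmp/p2partisan.loading.
#
# NOTE(review): "ipset -F" and the destroy loop act on every set known to the
# kernel, not only the ones this script created; other tools using ipset on
# the same router lose their sets as well.
pforcestop() {
  echo -e "
+------------------------- P2Partisan --------------------------+
| _______ __
| | __| |_.-----.-----.
| |__ | _| _ | _ |
| Hard |_______|____|_____| __|
| |__|
|
+---------------------------------------------------------------+"
  counter=0

  # Remove the jumps into the P2PARTISAN chains; repeat until none is listed
  # because redundant copies of the rule may exist.
  while iptables -L wanin 2> /dev/null | grep P2PARTISAN-IN > /dev/null 2>&1; do
    iptables -D wanin -i $wanif -m state --state NEW -j P2PARTISAN-IN > /dev/null 2>&1
  done
  while iptables -L wanout 2> /dev/null | grep P2PARTISAN-OUT > /dev/null 2>&1; do
    iptables -D wanout -o $wanif -m state --state NEW -j P2PARTISAN-OUT > /dev/null 2>&1
  done
  while iptables -L INPUT 2> /dev/null | grep P2PARTISAN-IN > /dev/null 2>&1; do
    iptables -D INPUT -i $wanif -m state --state NEW -j P2PARTISAN-IN > /dev/null 2>&1
  done
  while iptables -L OUTPUT 2> /dev/null | grep P2PARTISAN-OUT > /dev/null 2>&1; do
    iptables -D OUTPUT -o $wanif -m state --state NEW -j P2PARTISAN-OUT > /dev/null 2>&1
  done

  # Flush all chains first, then delete them (a chain must be empty and
  # unreferenced before -X succeeds).
  for p2p_action in -F -X; do
    for p2p_chain in P2PARTISAN-DROP-IN P2PARTISAN-DROP-OUT \
      P2PARTISAN-LISTS-IN P2PARTISAN-LISTS-OUT P2PARTISAN-IN P2PARTISAN-OUT; do
      iptables "$p2p_action" "$p2p_chain" > /dev/null 2>&1
    done
  done

  ipset -F > /dev/null 2>&1
  for i in $(ipset --list | grep Name | cut -f2 -d ":"); do
    ipset -X "$i" > /dev/null 2>&1
  done

  # NOTE(review): this leaves any remaining list archive world-writable; the
  # reason for the mode change is not visible here - confirm it is needed.
  chmod 777 ./*.gz > /dev/null 2>&1
  [ -f iptables-add ] && rm iptables-add
  [ -f iptables-del ] && rm iptables-del
  [ -f ipset-del ] && rm ipset-del
  [ -f "$pidfile" ] && rm -f "$pidfile" > /dev/null 2>&1
  [ -f runtime ] && rm -f "runtime" > /dev/null 2>&1
  # Clear the "loading" marker that the soft stop checks. The previous code
  # tested /tmp/p2partisan.loading but removed ./status.loading, which left
  # the marker behind and made every later soft stop refuse to run.
  rm -f /tmp/p2partisan.loading > /dev/null 2>&1
  [ -e status.loading ] && rm -r "status.loading" > /dev/null 2>&1

  plog " Unloading ipset modules"
  for p2p_module in ipt_set ip_set_iptreemap ip_set; do
    # Give the kernel a moment when the module is loaded; rmmod is attempted
    # either way, exactly as before.
    lsmod | grep "$p2p_module" > /dev/null 2>&1 && sleep 2
    rmmod -f "$p2p_module" > /dev/null 2>&1
  done

  plog " Removing the list files"
  grep -v "^#" blacklists | grep -v "^$" | tr -d "\r" |
    while read -r line; do
      counter=$((counter + 1))
      name=$(echo "$line" | awk '{print $1}')
      echo "| Removing blacklist #$counter --> ***$name***"
      # List names become file names: never follow one out of this directory.
      case "$name" in
        '' | */*) continue ;;
      esac
      [ -f "./$name.gz" ] && rm -f "./$name.gz" > /dev/null 2>&1
    done
  plog " P2Partisan stopped."
  echo -e "+---------------------------------------------------------------+"
}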
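# Print a comma-separated port list ($1) re-chunked one group per line:
# ranges in groups of 7, single ports in groups of 15, leftovers merged when
# the merged line stays under 15 delimiters.
_pstatus_port_chunks() {
  echo "$1" | awk -v RS=',' -F : '{ gsub(/\n$/, "") } NF > 1 { r=(r ? r "," : "") $0; if (r ~ /([^,]*,){6}/) { print r; r=""; } next } { s=(s ? s "," : "") $0; if (s ~ /([^,]*,){14}/) { print s; s=""; } } END { if (r && s) { p = r "," s; if (p !~ /([^,:]*[:,]){15}/) { print p; r=s="" } } if (r) print r ; if (s) print s }'
}

# Print the status report: running state, autorun/scheduler/tutor/debugger
# state, uptime, packet counters, list sizes, configured ports and the last
# Dropped/Rejected log lines.
# Globals read: pidfile, now, version, maxloghour, greyports_*, whiteports_*.
# Side effect (kept from the original): when Transmission is enabled its
# port is appended to the global greyports_tcp / greyports_udp.
pstatus() {
  counter=0
  status_yes='\033[1;32mYes\033[0;39m'
  status_no='\033[1;31mNo\033[0;39m'

  running3=$(iptables -L INPUT 2> /dev/null | grep -c P2PARTISAN-IN)
  if [ -f "$pidfile" ]; then running4=1; else running4=0; fi
  if nvram get script_fire | grep "p2partisan.sh ]" > /dev/null; then
    running5=$status_yes
  else
    running5=$status_no
  fi
  if cru l | grep P2Partisan-update > /dev/null; then
    running6=$status_yes
  else
    running6=$status_no
  fi
  running7=$(tail -200 /var/log/messages | grep Dropped | tail -1 | awk '{printf "| %s %s %s ",$1,$2,$3;for (i=4;i<=NF;i++) if ($i~/(IN|OUT|SRC|DST|PROTO|SPT|DPT)=/) printf "%s ",$i;print ""}')
  running7a=$(tail -200 /var/log/messages | grep Rejected | tail -1 | awk '{printf "| %s %s %s ",$1,$2,$3;for (i=4;i<=NF;i++) if ($i~/(IN|OUT|SRC|DST|PROTO|SPT|DPT)=/) printf "%s ",$i;print ""}')
  if nvram get script_fire | grep "P2Partisan-tutor" > /dev/null; then
    running9=$status_yes
  else
    running9=$status_no
  fi
  runningA=$(grep "Applying paranoia" /var/log/messages | wc -l)
  runningB=$(grep "Stuck on Loading" /var/log/messages | wc -l)
  runningC=$(grep -v "^#" blacklists | grep -v "^$" | tr -d "\r" | wc -l)
  runningD=$([ -f ./runtime ] && cat ./runtime)
  runningF=$(iptables -L P2PARTISAN-DROP-IN 2> /dev/null | grep -c DEBUG)

  # Uptime is measured from the timestamp in the first line of iptables-add.
  # When the file is missing or the field is not a number, fall back to "now"
  # (uptime 0) instead of feeding an empty operand to the arithmetic.
  from=""
  [ -f ./iptables-add ] && from=$(head -1 ./iptables-add 2> /dev/null | awk '{print $2}')
  case "$from" in
    '' | *[!0-9]*) from=$now ;;
  esac
  runtime=$(($now - $from))
  d=$(($runtime / 86400))
  h=$((($runtime / 3600) % 24))
  m=$((($runtime / 60) % 60))
  s=$(($runtime % 60))
  runtime=$(printf '%s - %02d:%02d:%02d\n' "$d" "$h" "$m" "$s")

  drop_packet_count_in=$(iptables -vL P2PARTISAN-DROP-IN 2> /dev/null | grep " DROP " | awk '{print $1}')
  drop_packet_count_out=$(iptables -vL P2PARTISAN-DROP-OUT 2> /dev/null | grep " REJECT " | awk '{print $1}')

  if [ -e ./iptables-debug-del ]; then
    dfrom=""
    [ -f ./iptables-debug ] && dfrom=$(head -1 ./iptables-debug 2> /dev/null | awk '{print $2}')
    case "$dfrom" in
      '' | *[!0-9]*) dfrom=$now ;;
    esac
    druntime=$(($now - $dfrom))
    h=$((($druntime / 3600) % 24))
    m=$((($druntime / 60) % 60))
    s=$(($druntime % 60))
    druntime=$(printf '%02d:%02d:%02d\n' "$h" "$m" "$s")
    # Second line of iptables-debug-del carries the debug duration; it is
    # treated as seconds (zzztime divides it by 60 to show minutes).
    dendtime=$(head -2 ./iptables-debug-del | tail -n 1 | awk '{print $2}')
    case "$dendtime" in
      '' | *[!0-9]*) dendtime=0 ;;
    esac
    ttime=$(($dfrom + $dendtime))
    leftime=$(($ttime - $now))
    [ "$leftime" -lt 0 ] && leftime=0
    # The hours were previously left over from the elapsed-time computation
    # above, so the "time left" display showed the wrong hour field.
    h=$((($leftime / 3600) % 24))
    m=$((($leftime / 60) % 60))
    s=$(($leftime % 60))
    leftime=$(printf '%02d:%02d:%02d\n' "$h" "$m" "$s")
    zzztime=$(($dendtime / 60))
  fi

  if [ "$running3" -eq 0 ] && [ "$running4" -eq 0 ]; then
    running8="\033[1;31mNo\033[0;39m"
  elif [ "$running3" -eq 0 ] && [ "$running4" -eq 1 ]; then
    running8="\033[1;35mLoading...\033[0;39m"
  elif [ "$running3" -gt 0 ] && [ "$running4" -eq 0 ]; then
    running8="\033[1;31mNot quite... try to run \"p2partisan.sh update\"\033[0;39m"
  else
    running8="\033[1;32mYes\033[0;39m"
  fi

  if [ "$runningF" -eq 1 ]; then
    debug_ip=$(iptables -L P2PARTISAN-DROP-IN 2> /dev/null | grep DEBUG | awk '{print $5}')
    # NOTE(review): $f is not assigned anywhere in this function; it is kept
    # in case it is set elsewhere in the script.
    runningF="\033[1;31mOn\033[0;39m IP \033[1;33m$debug_ip \033[1;33m$f\033[0;39mrunning for \033[1;33m$druntime\033[0;39m /\033[1;33m$zzztime\033[0;39m min (\033[1;33m$leftime\033[0;39m left)"
  else
    runningF="Off"
  fi

  whiteip=$(ipset -L whitelist 2> /dev/null | grep -E "(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])" | wc -l)
  whiteextra=$(ipset -L whitelist 2> /dev/null | grep -E '(^10\.|(^172\.1[6-9]\.|^172\.2[0-9]\.|^172\.3[0-1]\.)|^192\.168\.)' | wc -l)
  if [ "$whiteextra" = "0" ]; then
    whiteextra=" "
  else
    whiteextra="/ $whiteextra LAN IP ref defined"
  fi
  blackip=$(ipset -L blacklist-custom 2> /dev/null | grep -E "(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])" | wc -l)

  echo -e "
+------------------------- P2Partisan --------------------------+
| _______ __ __
| | __| |_.---.-.| |_.--.--.-----.
| |__ | _| _ || _| | |__ --|
| |_______|____|___._||____|_____|_____|
|
| Release version: $version
+---------------------------------------------------------------+
| Running: $running8
| Autorun: $running5
| Scheduled: $running6 / $runningA since device boot
| Tutor: $running9 / $runningB since device boot
| Debugger: $runningF
+---------------------------------------------------------------+
| Uptime: $runtime
| Startup time: $runningD seconds
| Dropped in: $drop_packet_count_in
| Rejected out: $drop_packet_count_out
+---------------------------------------------------------------+
| Black IPs: $blackip
| White IPs: $whiteip $whiteextra"

  transmissionenable=$(nvram get bt_enable)
  if [ -z "$transmissionenable" ]; then
    echo "| TransmissionBT: Not available"
  elif [ "$transmissionenable" -eq 0 ]; then
    echo "| TransmissionBT: Off"
  else
    echo "| TransmissionBT: On"
    transmissionport=$(nvram get bt_port 2> /dev/null)
    # Skip the append when no port is configured, so the lists do not end up
    # with a trailing comma.
    if [ -n "$transmissionport" ]; then
      greyports_tcp=$greyports_tcp,$transmissionport
      greyports_udp=$greyports_udp,$transmissionport
    fi
  fi

  _pstatus_port_chunks "$greyports_tcp" | while read -r w; do
    echo "| Grey ports TCP: $w"
  done
  _pstatus_port_chunks "$greyports_udp" | while read -r w; do
    echo "| Grey ports UDP: $w"
  done
  _pstatus_port_chunks "$whiteports_tcp" | while read -r w; do
    echo "| White ports TCP: $w"
  done
  _pstatus_port_chunks "$whiteports_udp" | while read -r w; do
    echo "| White ports UDP: $w"
  done
  echo "| Black lists: $runningC"
  echo "+------------------------- Logs --------------------------------+
| Remember your max logs per hour is set to: $maxloghour
$running7
$running7a
+---------------------------------------------------------------+"
}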
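# Prefix placed in front of the autorun entry: a loop that waits for the
# script file to become available before it is started.
# Always initialised, so a value inherited from the environment can never end
# up inside the boot script, and quoted so an unset switch does not raise a
# test error.
av=""
if [ "$autorun_availability_check" = 1 ]; then
  av="while true; do [ -f $P2Partisandir/p2partisan.sh ] && break || sleep 5; done ;"
fi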
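# Enable autorun: append "<av><dir>/p2partisan.sh restart" to the script_fire
# nvram variable unless such a line (not counting cru lines) is already
# there, then commit nvram.
# Globals read: av, P2Partisandir.
pautorunset() {
  echo -e "
+------------------------- P2Partisan --------------------------+
| ______ __ __
| | |.-----.-----.| |_.----.-----.| |
| | ---|| _ | || _| _| _ || |
| |______||_____|__|__||____|__| |_____||__|
|
+--------------------------- Autorun ---------------------------+"
  p=$(nvram get script_fire | grep "p2partisan.sh restart" | grep -v cru | wc -l)
  if [ "$p" -eq 0 ]; then
    t=$(nvram get script_fire)
    autorun_line="$av$P2Partisandir/p2partisan.sh restart"
    # The existing boot script is stored data, not a printf format: it used
    # to be passed as the format string, which mangled any "%" or backslash
    # already present in other entries.
    if [ -n "$t" ]; then
      t="$t
$autorun_line"
    else
      t=$autorun_line
    fi
    nvram set "script_fire=$t"
  fi
  plog "P2Partisan AUTO RUN is ON"
  echo "+---------------------------------------------------------------+"
  nvram commit
}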
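# Disable autorun: drop every "p2partisan.sh restart" line from the
# script_fire nvram variable and commit nvram.
pautorununset() {
  echo -e "
+------------------------- P2Partisan --------------------------+
| ______ __ __
| | |.-----.-----.| |_.----.-----.| |
| | ---|| _ | || _| _| _ || |
| |______||_____|__|__||____|__| |_____||__|
|
+--------------------------- Autorun ---------------------------+"
  p=$(nvram get script_fire | grep "p2partisan.sh restart" | grep -v cru | wc -l)
  # "-ge 1": with duplicated entries the old "-eq 1" test left autorun in
  # place while still reporting it as switched off.
  if [ "$p" -ge 1 ]; then
    # Filter the stored text directly; it must not go through printf as a
    # format string or "%" and backslashes in other entries get mangled.
    t=$(nvram get script_fire | grep -v "p2partisan.sh restart")
    nvram set "script_fire=$t"
  fi
  plog "P2Partisan AUTO RUN is OFF"
  echo "+---------------------------------------------------------------+"
  nvram commit
}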
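# Append the cru command that re-creates the update job to script_fire,
# leaving the text already stored there untouched.
_pscheduleset_add_hook() {
  schedule_hook="cru a P2Partisan-update \"$scheduleme $P2Partisandir/p2partisan.sh paranoia-update\""
  t=$(nvram get script_fire)
  if [ -n "$t" ]; then
    t="$t
$schedule_hook"
  else
    t=$schedule_hook
  fi
  nvram set "script_fire=$t"
}

# Schedule the weekly list update: resolve the m/h/d placeholders of
# $schedule to random values, register the cru job, make the job survive a
# reboot through script_fire, and commit nvram.
# Globals read: schedule, P2Partisandir.
# NOTE: the "at H:MM on <day>" line always shows the random picks, even when
# $schedule holds fixed values instead of the placeholders.
pscheduleset() {
  echo -e "
+------------------------- P2Partisan --------------------------+
| ______ __ __
| | |.-----.-----.| |_.----.-----.| |
| | ---|| _ | || _| _| _ || |
| |______||_____|__|__||____|__| |_____||__|
|
+-------------------------- Scheduler --------------------------+"
  cru d P2Partisan-update
  e=$(tr -cd 0-5 < /dev/urandom | head -c 1)
  f=$(tr -cd 0-9 < /dev/urandom | head -c 1)
  a=$e$f
  b=$(tr -cd 1-5 < /dev/urandom | head -c 1)
  c=$(tr -cd 0-6 < /dev/urandom | head -c 1)
  # cron numbers the week 0=Sunday .. 6=Saturday. The previous mapping
  # skipped 2 and was shifted by one from Tuesday on, so the day announced
  # to the user did not match the day that was actually scheduled.
  case "$c" in
    0) d=Sundays ;;
    1) d=Mondays ;;
    2) d=Tuesdays ;;
    3) d=Wednesdays ;;
    4) d=Thursdays ;;
    5) d=Fridays ;;
    6) d=Saturdays ;;
    *) d=$c ;;
  esac
  scheduleme=$(echo "$schedule" | sed "s/m/$a/")
  scheduleme=$(echo "$scheduleme" | sed "s/h/$b/")
  scheduleme=$(echo "$scheduleme" | sed "s/d/$c/")
  cru a P2Partisan-update "$scheduleme $P2Partisandir/p2partisan.sh paranoia-update"
  pp=$(nvram get script_fire | grep "p2partisan.sh paranoia-update" | grep -v cru | wc -l)
  p=$(nvram get script_fire | grep "cru a P2Partisan-update" | wc -l)
  if [ "$p" -eq 0 ]; then
    if [ "$pp" -eq 0 ]; then
      _pscheduleset_add_hook
    else
      # Take the autorun entry out and put it back afterwards so that it
      # ends up after the scheduler entry.
      pautorununset
      _pscheduleset_add_hook
      pautorunset
    fi
  fi
  plog "P2Partisan AUTO UPDATE is ON"
  echo "| at $b:$a on $d
+---------------------------------------------------------------+"
  nvram commit
}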
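# Remove the scheduled update: delete the cru job, drop every
# "cru a P2Partisan-update" line from script_fire and commit nvram.
pscheduleunset() {
  echo -e "
+------------------------- P2Partisan --------------------------+
| ______ __ __
| | |.-----.-----.| |_.----.-----.| |
| | ---|| _ | || _| _| _ || |
| |______||_____|__|__||____|__| |_____||__|
|
+-------------------------- Schedule ---------------------------+"
  cru d P2Partisan-update
  p=$(nvram get script_fire | grep "cru a P2Partisan-update" | wc -l)
  # "-ge 1" so duplicated entries are cleaned up too.
  if [ "$p" -ge 1 ]; then
    # Filter the stored text as data. It used to be expanded inside a printf
    # format string (together with a line that was filtered out again right
    # away), which mangled "%" and backslashes in unrelated entries.
    t=$(nvram get script_fire | grep -v "cru a P2Partisan-update")
    nvram set "script_fire=$t"
  fi
  plog "P2Partisan AUTO UPDATE is OFF"
  echo "+---------------------------------------------------------------+"
  nvram commit
}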
# Detective: list the LAN "IP port" pairs that appear in more than $greyline
# connection-tracking entries, as candidates for the greyports settings.
# Globals read: greyline. Reads /proc/net/ip_conntrack and the nvram
# variables lan_ipaddr and lan1_ipaddr.
pdetective() {
  echo -e "
+------------------------- P2Partisan --------------------------+
| __ __ __ __
| .--| |.-----.| |_.-----.----.| |_|__|.--.--.-----.
| | _ || -__|| _| -__| __|| _| || | | -__|
| |_____||_____||____|_____|____||____|__| \___/|_____|
|
+---------------------------------------------------------------+"
  echo "| After an investigation it appears that the following socket/s
| should be considered a greyports candidates. Consider adding the
| ports under greyports_tcp & greyports_udp.
+---------------------------------------------------------------+"
  # Pipeline stages, in order:
  #  1. keep only the src=/dst=/sport=/dport= fields of every conntrack entry;
  #  2. split the entries with sed/awk into lines made of an address and a
  #     port, then strip the sport=/dport= labels;
  #  3. keep lines that start with an RFC1918 address (10/8, 172.16/12,
  #     192.168/16);
  #  4. drop lines ending in the router's own LAN addresses;
  #  5. count occurrences per "address port", sort by count (descending) and
  #     print the pairs whose count exceeds $greyline.
  # NOTE(review): when "nvram get lan1_ipaddr" (or lan_ipaddr) returns an
  # empty string the grep -v pattern is just "$", which matches every line
  # and therefore filters out all results - confirm what nvram returns on
  # single-LAN setups.
  cat /proc/net/ip_conntrack | awk '{for (i=1;i<=NF;i++) if ($i~/(src|dst|sport|dport)=/) printf "%s ",$i;print "\n"}' | grep -vE '^$' | sed s/\ src=/'\n'/ | awk '{print $1" "$3" "$2" "$4}' | sed s/\ dst=/'\n'/ | sed s/sport=// | sed s/dport=// | grep -E '(^10\.|(^172\.1[6-9]\.|^172\.2[0-9]\.|^172\.3[0-1]\.)|^192\.168\.)' | grep -v "`nvram get lan_ipaddr`$" | grep -v "`nvram get lan1_ipaddr`$" | awk '/[0-9]/ {cnt[$1" "$2]++}END{for(k in cnt) print cnt[k],k}' | sort -nr | while read socket; do echo $socket | if [ `cut -f1 -d" "` -gt $greyline ];then echo $socket | awk '{print "| "$2" "$3" - "$1" Sessions"}'; fi ; done
  echo "+---------------------------------------------------------------+"
}
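# Check for a newer release and, after confirmation, download it and hand
# over to pupgraderoutine.
#
# NOTE(review): both the version probe and the script itself are fetched over
# plain HTTP with no checksum or signature, and the result is installed as
# the script that manages iptables and nvram on this router. Anyone able to
# tamper with that connection controls what gets installed. Moving to an
# authenticated channel and/or verifying a published hash needs maintainer
# input (and a wget build with TLS support), so it is only flagged here; the
# checks below merely catch failed or truncated downloads.
pupgrade() {
  [ -f p2partisan_new.sh ] && rm -f "p2partisan_new.sh" 2> /dev/null
  wget -q -O - 'http://pastebin.com/raw.php?i=eDgM0S5i' | grep "p2partisan v" | grep -v grep > ./latest
  latest=$(cut -c3-31 ./latest)
  # NOTE(review): the two cut ranges differ by one column (3-31 vs 3-32);
  # left untouched because it may be deliberate - confirm.
  current=$(grep "p2partisan v" ./p2partisan.sh | head -1 | cut -c3-32)
  # An empty answer means the probe failed; do not offer an "upgrade" to
  # nothing.
  if [ -z "$latest" ]; then
    echo "| Unable to retrieve the latest version information. Quitting...
+---------------------------------------------------------------+"
    exit 1
  fi
  if [ "$latest" = "$current" ]; then
    echo "
+------------------------- P2Partisan --------------------------+
| _______ __
| | | |.-----.-----.----.---.-.--| |.-----.
| | | || _ | _ | _| _ | _ || -__|
| |_______|| __|___ |__| |___._|_____||_____|
| |__| |_____|
|
+---------------------------------------------------------------+
You're already running the latest version of P2Partisan
"
  else
    echo "
+------------------------- P2Partisan --------------------------+
| _______ __
| | | |.-----.-----.----.---.-.--| |.-----.
| | | || _ | _ | _| _ | _ || -__|
| |_______|| __|___ |__| |___._|_____||_____|
| |__| |_____|
|
+---------------------------------------------------------------+
| There's a new P2Partisan update available. Do you want to upgrade?
|
| current = $current
|
| to
|
| latest = $latest
|
| y/n"
    read -r answer
    if [ "$answer" = "y" ]; then
      # Only continue with a complete download that looks like the script.
      if wget -q -O ./p2partisan_new.sh 'http://pastebin.com/raw.php?i=eDgM0S5i' &&
        [ -s ./p2partisan_new.sh ] &&
        grep "p2partisan v" ./p2partisan_new.sh > /dev/null 2>&1; then
        pupgraderoutine
      else
        rm -f ./p2partisan_new.sh 2> /dev/null
        echo "| Download failed or incomplete. Nothing was changed. Quitting...
+---------------------------------------------------------------+"
        exit 1
      fi
    else
      echo "| Upgrade skipped. Quitting...
+---------------------------------------------------------------+"
      exit
    fi
  fi
}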
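# Offer the latest testing beta and, after confirmation, download it and
# hand over to pupgraderoutine.
#
# NOTE(review): the beta is fetched over plain HTTP with no checksum or
# signature and then installed as the script that manages iptables and nvram
# on this router; see the integrity concern on the regular upgrade path. The
# checks below only catch failed or truncated downloads.
pupgradebeta() {
  [ -f p2partisan_new.sh ] && rm -f "p2partisan_new.sh" 2> /dev/null
  wget -q -O - 'http://pastebin.com/raw.php?i=qe79uDJi' | grep "p2partisan v" | grep -v grep > ./latest
  echo "| Do you want to install the latest testing beta (not suggested)?
|
| y/n"
  read -r answer
  if [ "$answer" = "y" ]; then
    if wget -q -O ./p2partisan_new.sh 'http://pastebin.com/raw.php?i=qe79uDJi' &&
      [ -s ./p2partisan_new.sh ] &&
      grep "p2partisan v" ./p2partisan_new.sh > /dev/null 2>&1; then
      pupgraderoutine
    else
      rm -f ./p2partisan_new.sh 2> /dev/null
      echo "| Download failed or incomplete. Nothing was changed. Quitting...
+---------------------------------------------------------------+"
      exit 1
    fi
  else
    echo "| Beta upgrade skipped. Quitting...
+---------------------------------------------------------------+"
    exit
  fi
}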
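# Copy one setting into ./p2partisan_new.sh: rewrite "NAME=..." on the first
# line that mentions NAME. $1 = setting name, $2 = text to put after "=".
# The value is escaped for sed so "&", "@" or a backslash inside it cannot
# alter the substitution.
_pupgrade_migrate() {
  migrate_value=$(printf '%s' "$2" | sed 's/[&@\\]/\\&/g')
  sed '1,/'"$1"'/{s@'"$1"'=.*@'"$1=$migrate_value"'@}' -i ./p2partisan_new.sh
}

# Install ./p2partisan_new.sh over ./p2partisan.sh: stop the running
# instance, migrate the current configuration into the new file, keep a copy
# of the old script, swap the files and exit.
# Globals read: every setting of the configuration section.
pupgraderoutine() {
  echo "| Upgrading, please wait:"
  # Check the download before anything is torn down. Previously a missing
  # file was only logged, after the firewall rules had been removed, and the
  # routine carried on regardless.
  if [ ! -s ./p2partisan_new.sh ]; then
    plog "There's a problem with the p2partisan upgrade. Please try again"
    exit 1
  fi
  echo "| 1/6) Stopping the script"
  pforcestop
  echo "| 2/6) Migrating the configuration"
  _pupgrade_migrate P2Partisandir "$P2Partisandir"
  _pupgrade_migrate syslogs "$syslogs"
  _pupgrade_migrate maxloghour "$maxloghour"
  _pupgrade_migrate whiteports_tcp "$whiteports_tcp"
  _pupgrade_migrate whiteports_udp "$whiteports_udp"
  _pupgrade_migrate greyports_tcp "$greyports_tcp"
  _pupgrade_migrate greyports_udp "$greyports_udp"
  _pupgrade_migrate greyline "$greyline"
  _pupgrade_migrate fastroutine "$fastroutine"
  _pupgrade_migrate autorun_availability_check "$autorun_availability_check"
  _pupgrade_migrate schedule "\"$schedule\""
  _pupgrade_migrate testip "$testip"
  tr -d "\r" < ./p2partisan_new.sh > ./.temp
  mv ./.temp ./p2partisan_new.sh
  # Refuse to install something the shell cannot even parse (for example an
  # error page saved in place of the script). This is a sanity check only; it
  # says nothing about where the file came from.
  if ! sh -n ./p2partisan_new.sh 2> /dev/null; then
    plog "There's a problem with the p2partisan upgrade. Please try again"
    echo "| The downloaded script failed the syntax check and was NOT installed.
| The current p2partisan.sh is unchanged; please run it manually.
+---------------------------------------------------------------+"
    exit 1
  fi
  echo "| 3/6) Copying p2partisan.sh into p2partisan_old"
  cp ./p2partisan.sh ./p2partisan_old
  echo "| 4/6) Installing new script into p2partisan.sh"
  mv ./p2partisan_new.sh ./p2partisan.sh
  echo "| 5/6) Setting up permissions"
  # Executable, but writable by the owner only: this file is started from
  # the boot script and from cron, so it must not be world-writable.
  chmod 755 ./p2partisan.sh
  echo -e "| 6/6) all done, \033[1;32mPlease run the script manually!\033[0;39m
| NOTE: autorun, autoupdate and tutor settings are left as they were found
+---------------------------------------------------------------+
"
  exit
}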
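# Count the lines mentioning P2PARTISAN-IN in the listing of chain $1.
_ptutor_rule_count() {
  iptables -L "$1" 2> /dev/null | grep -c P2PARTISAN-IN
}

# Tutor: refresh the whitelist and the custom blacklist, then compare the
# iptables state with the pid file and restart P2Partisan when they disagree.
# Globals read: pidfile.
# NOTE(review): the "iptables instructions missing" branch (no rule in INPUT,
# pid file present) is tested before the "appears to be loading" branch, so
# the latter is only reached when INPUT lists the rule more than once -
# confirm this ordering is intended.
ptutor() {
  pwhitelist
  pblacklistcustom
  running3=$(_ptutor_rule_count INPUT)
  if [ -f "$pidfile" ]; then running4=1; else running4=0; fi
  runningE=$(_ptutor_rule_count wanin)
  if [ "$runningE" -gt 1 ]; then
    pforcestop
    plog "P2Partisan tutor had to restart due to: iptables redundant rules found"
    pstart
  elif [ "$running3" -eq 1 ] && [ "$running4" -eq 0 ]; then
    plog "P2Partisan tutor had to restart due to: pid file missing"
    pforcestop
    pstart
  elif [ "$running3" -eq 0 ] && [ "$running4" -eq 1 ]; then
    plog "P2Partisan tutor had to restart due to: iptables instructions missing"
    pforcestop
    pstart
  elif [ "$running3" -ne 1 ] && [ "$running4" -eq 1 ]; then
    plog "P2Partisan appears to be loading, I'll wait 5 minutes..."
    sleep 300
    # Take a fresh reading after the wait. The values sampled before the
    # sleep were re-tested here, so the restart happened unconditionally.
    running3=$(_ptutor_rule_count INPUT)
    if [ -f "$pidfile" ]; then running4=1; else running4=0; fi
    if [ "$running3" -ne 1 ] && [ "$running4" -eq 1 ]; then
      plog "P2Partisan tutor had to restart due to Stuck on Loading"
      pforcestop
      pstart
    fi
  else
    echo -e "
+------------------------- P2Partisan --------------------------+
| _______ __
| |_ _|.--.--.| |_.-----.----.
| | | | | || _| _ | _|
| |___| |_____||____|_____|__|
|
+---------------------------------------------------------------+
| P2Partisan up and running. The tutor is happy
+---------------------------------------------------------------+ "
  fi
}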
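# Enable the tutor: register an hourly cru job at a random minute, make it
# survive a reboot through script_fire and commit nvram.
# Globals read: P2Partisandir.
ptutorset() {
  echo -e "
+------------------------- P2Partisan --------------------------+
| _______ __
| |_ _|.--.--.| |_.-----.----.
| | | | | || _| _ | _|
| |___| |_____||____|_____|__|
|
+-------------------------- Scheduler --------------------------+"
  cru d P2Partisan-tutor
  ab=$(tr -cd 0-5 < /dev/urandom | head -c 1)
  a=$(tr -cd 0-9 < /dev/urandom | head -c 1)
  a=$ab$a
  scheduleme="$a * * * *"
  cru a P2Partisan-tutor "$scheduleme $P2Partisandir/p2partisan.sh tutor"
  pp=$(nvram get script_fire | grep "p2partisan.sh tutor" | grep -v cru | wc -l)
  p=$(nvram get script_fire | grep "cru a P2Partisan-tutor" | wc -l)
  if [ "$p" -eq 0 ]; then
    # Both arms of the former inner test on $pp did the same thing, so a
    # single append is enough. The stored boot script is joined as plain
    # text; passing it to printf as the format string mangled any "%" or
    # backslash in other entries.
    tutor_hook="cru a P2Partisan-tutor \"$scheduleme $P2Partisandir/p2partisan.sh tutor\""
    t=$(nvram get script_fire)
    if [ -n "$t" ]; then
      t="$t
$tutor_hook"
    else
      t=$tutor_hook
    fi
    nvram set "script_fire=$t"
  fi
  plog "P2Partisan tutor is ON"
  echo "+---------------------------------------------------------------+"
  nvram commit
}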
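# Disable the tutor: delete the cru job, drop every "cru a P2Partisan-tutor"
# line from script_fire and commit nvram.
ptutorunset() {
  echo -e "
+------------------------- P2Partisan --------------------------+
| _______ __
| |_ _|.--.--.| |_.-----.----.
| | | | | || _| _ | _|
| |___| |_____||____|_____|__|
|
+-------------------------- Scheduler --------------------------+"
  cru d P2Partisan-tutor
  p=$(nvram get script_fire | grep "cru a P2Partisan-tutor" | wc -l)
  # "-ge 1" so duplicated entries are cleaned up too.
  if [ "$p" -ge 1 ]; then
    # Filter the stored text as data instead of expanding it inside a printf
    # format string, which mangled "%" and backslashes in unrelated entries.
    t=$(nvram get script_fire | grep -v "cru a P2Partisan-tutor")
    nvram set "script_fire=$t"
  fi
  plog "P2Partisan tutor is OFF"
  echo "+---------------------------------------------------------------+"
  nvram commit
}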
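# Test an IP address ($1) against blacklist-custom, the whitelist and every
# list named in the blacklists file, in that order, and report where it is
# found.
ptest() {
  checklist="blacklist-custom whitelist $(grep -v "^#" blacklists | grep -v "^$" | tr -d "\r" | awk '{print $1}')"
  echo -e "
+------------------------- P2Partisan --------------------------+
| _______ __
| |_ _|.-----.-----.| |_
| | | | -__|__ --|| _|
| |___| |_____|_____||____|
|
+----------- Lists are sorted in order of precedence -----------+"
  if [ -z "$1" ]; then
    echo "+---------------------------------------------------------------+
| Invalid input. Please specify a valid IP address.
+---------------------------------------------------------------+"
    return
  fi
  # Strict dotted-quad check. The previous pattern left the dots unescaped,
  # so text such as "1a2b3c4" passed and was handed to ipset as an argument.
  if echo "$1" | grep -E '^((25[0-5]|2[0-4][0-9]|1[0-9][0-9]|[0-9][0-9]?)\.){3}(25[0-5]|2[0-4][0-9]|1[0-9][0-9]|[0-9][0-9]?)$' > /dev/null 2>&1; then
    echo $checklist | tr " " "\n" |
      while read -r LIST; do
        [ -n "$LIST" ] || continue
        # Output goes to /dev/null; the old redirect target was misspelled
        # and created a regular file named /dev/nul instead.
        if ipset -T "$LIST" "$1" 1> /dev/null; then
          if [ "$LIST" = "whitelist" ]; then
            echo -e "| \033[1;32m$1 found in $LIST\033[0;39m"
          else
            echo -e "| \033[1;31m$1 found in $LIST\033[0;39m"
          fi
        else
          echo -e "| $1 not found in $LIST"
        fi
      done
    echo "+---------------------------------------------------------------+
| in case of multiple match the first prevails
+---------------------------------------------------------------+"
  else
    echo "| Invalid input. Please specify a valid IP address.
+---------------------------------------------------------------+"
  fi
}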
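#######################################
# Enable, disable or report per-host debug logging.
# With a LAN IP, writes two helper scripts (./iptables-debug and
# ./iptables-debug-del) and runs them in the background: the first inserts
# LOG rules for that IP, the second sleeps and then removes them.
# Globals:   now (read; set here if empty), q, off, f, fc, minutes, time,
#            dfrom, dendtime, druntime, leftime, zzztime (written)
# Arguments: $1 - LAN IPv4 address, "off", or empty for status
#            $2 - minutes to keep debugging, 1-60 (default 15)
# Outputs:   guide and status text on stdout
# Returns:   exits the script on every status / error path
#######################################
pdebug() {
  local octet badtime mins pids
  octet='(25[0-5]|2[0-4][0-9]|1[0-9][0-9]|[0-9][0-9]|[0-9])'

  echo -e "
+------------------------- P2Partisan --------------------------+
| _____ __
| | \.-----.| |--.--.--.-----.
| | -- | -__|| _ | | | _ |
| |_____/|_____||_____|_____|___ |
| |_____|
|
+--------------------------- Guide -----------------------------+
| Debug allows to fully log the P2Partisan interventions given a LAN IP
| Maximum 1 debug at the time / Debug automatically times out or can be forced off manually
+---------------------------------------------------------------+
| p2partisan.sh debug <LAN IP> <minutes> Syntax
| p2partisan.sh debug Displays debug status and this help text
| p2partisan.sh debug 192.168.0.3 <1-60> Enables debug for the given LAN IP for N min (15 def)
| p2partisan.sh debug 192.168.0.3 9 Enables debug for the given LAN IP for 9 min
| p2partisan.sh debug off Disable debug without waiting for the timer
| p2partisan.sh debug-display <in|out> Syntax
| p2partisan.sh debug-display Displays in&out debug logs + guide
| p2partisan.sh debug-display out Same as above but displays outbound records only
+-------------------------- Activity ---------------------------+"

  # q=0 only when $1 is, in full, a dotted-quad address. The value is
  # later written into a script that is executed, so the match is anchored
  # at both ends and anything besides digits and dots is refused first.
  q=1
  case "$1" in
    *[!0-9.]*) ;;
    *)
      if printf '%s\n' "$1" |
        grep -Eq "^${octet}\\.${octet}\\.${octet}\\.${octet}\$"; then
        q=0
      fi
      ;;
  esac
  if [ "$1" = "off" ]; then off=1; else off=0; fi

  # $now is read as a global; fall back to the current time when it is
  # missing or not a plain number.
  case "$now" in
    '' | *[!0-9]*) now=$(date +%s) ;;
  esac

  if [ -e ./iptables-debug-del ]; then
    # Line 1 of ./iptables-debug is "# <start epoch>"; line 2 of
    # ./iptables-debug-del is "sleep <seconds>".
    dfrom=$(head -1 ./iptables-debug 2>/dev/null | awk '{print $2}')
    dendtime=$(head -2 ./iptables-debug-del | tail -n 1 | awk '{print $2}')
    # Values read back from files are forced to plain digits before they
    # are used in arithmetic.
    case "$dfrom" in '' | *[!0-9]*) dfrom=0 ;; esac
    case "$dendtime" in '' | *[!0-9]*) dendtime=0 ;; esac

    druntime=$((now - dfrom))
    h=$(((druntime / 3600) % 24))
    m=$(((druntime / 60) % 60))
    s=$((druntime % 60))
    druntime=$(printf "%02d:%02d:%02d\n" "$h" "$m" "$s")

    ttime=$((dfrom + dendtime))
    leftime=$((ttime - now))
    # Hours are derived from the remaining time itself (the elapsed-time
    # hours used to be reused here).
    h=$(((leftime / 3600) % 24))
    m=$(((leftime / 60) % 60))
    s=$((leftime % 60))
    leftime=$(printf "%02d:%02d:%02d\n" "$h" "$m" "$s")
    zzztime=$((dendtime / 60))
  fi

  if [ "$off" -eq 1 ]; then
    fc=$(iptables -L P2PARTISAN-DROP-IN | grep -c DEBUG)
    if [ "$fc" -ge 1 ]; then
      # Stops the pending timer by matching "sleep <seconds>" in ps output.
      # NOTE(review): any other process running a sleep of the same length
      # matches as well; recording the timer's PID would be more precise.
      if [ -n "$dendtime" ]; then
        pids=$(ps | grep -E "sleep $dendtime$" | awk '{print $1}')
        # shellcheck disable=SC2086 -- one PID per word is intended
        [ -n "$pids" ] && kill $pids
      fi
      plog "| All DEBUG activities have stopped"
      # Debug rules are inserted at position 1, so rule 1 is removed until
      # no DEBUG rule is left in the chain.
      while iptables -L P2PARTISAN-DROP-IN | grep DEBUG > /dev/null 2>&1; do
        iptables -D P2PARTISAN-DROP-IN 1 > /dev/null 2>&1
      done
      while iptables -L P2PARTISAN-DROP-OUT | grep DEBUG > /dev/null 2>&1; do
        iptables -D P2PARTISAN-DROP-OUT 1 > /dev/null 2>&1
      done
      echo -e "| Use \033[1;33m./p2partisan.sh debug-display\033[0;39m to show debug information, if any.
+---------------------------------------------------------------+"
      exit
    else
      echo -e "| Debug is currently off and not collecting any information.
| Use \033[1;33m./p2partisan.sh debug-display\033[0;39m to show existing debug information, if any.
+---------------------------------------------------------------+"
      exit
    fi
  fi

  if [ -z "$1" ]; then
    f=$(iptables -L P2PARTISAN-DROP-IN | grep DEBUG | awk '{print $5}')
    fc=$(iptables -L P2PARTISAN-DROP-IN | grep -c DEBUG)
    if [ "$fc" -ge 1 ]; then
      echo -e "| P2partisan is currently debugging IP \033[1;33m$f\033[0;39m for \033[1;33m$druntime\033[0;39m /\033[1;33m$zzztime\033[0;39m min (\033[1;33m$leftime\033[0;39m left)
| Use \033[1;33m./p2partisan.sh debug-display\033[0;39m to show debug information
+---------------------------------------------------------------+"
      exit
    else
      echo -e "| Debug is currently off and not collecting any information.
| Use \033[1;33m./p2partisan.sh debug-display\033[0;39m to show existing debug information, if any.
+---------------------------------------------------------------+"
      exit
    fi
  elif [ "$q" -ge 1 ]; then
    echo -e "| The input \033[1;31m$1\033[0;39m doesn't appear to be a valid IP
+---------------------------------------------------------------+"
    exit
  fi

  f=$(iptables -L P2PARTISAN-DROP-IN | grep DEBUG | awk '{print $5}')
  fc=$(iptables -L P2PARTISAN-DROP-IN | grep -c DEBUG)
  if [ "$fc" -ge 1 ]; then
    echo -e "| P2partisan is currently debugging IP \033[1;33m$f\033[0;39m for \033[1;33m$druntime\033[0;39m /\033[1;33m$zzztime\033[0;39m min (\033[1;33m$leftime\033[0;39m left)
| NOTE: Only one debug at the time is possible! Command ignored.
| Use \033[1;33m./p2partisan.sh debug-display\033[0;39m to show the debug information
+---------------------------------------------------------------+"
    exit
  fi

  # Duration: empty means 15 minutes; otherwise one or two digits, 1-60.
  badtime=0
  case "$2" in
    "")
      minutes=15
      time=900
      ;;
    [0-9] | [0-9][0-9])
      mins=${2#0} # drop a leading zero so 08 / 09 are not read as octal
      if [ "$mins" -gt 60 ] || [ "$mins" -eq 0 ]; then
        badtime=1
      else
        minutes=$2
        time=$((mins * 60))
      fi
      ;;
    *)
      badtime=1
      ;;
  esac
  if [ "$badtime" -eq 1 ]; then
    echo "| Please specify an acceptable time: 1 to 60 (min). If omitted 15 will be used
| Debug NOT enabled. Exiting...
+---------------------------------------------------------------+"
    exit
  fi

  # Both helper scripts embed $1 and $time verbatim; they are only written
  # after the checks above have passed.
  echo "# $now
iptables -I P2PARTISAN-DROP-IN 1 -d $1 -j LOG --log-prefix \"P2Partisan-DEBUG-IN->> \" --log-level 1 > /dev/null 2>&1
iptables -I P2PARTISAN-DROP-OUT 1 -s $1 -j LOG --log-prefix \"P2Partisan-DEBUG-OUT->> \" --log-level 1 > /dev/null 2>&1" > ./iptables-debug
  # Owner-only: the file is executed with this script's privileges, so it
  # must not be writable by anyone else.
  chmod 700 ./iptables-debug > /dev/null 2>&1
  plog "Debug started for IP $1 for $minutes minute"
  ./iptables-debug 1>/dev/null &
  echo -e "| Enabled full debug logging for LAN IP \033[1;32m$1\033[0;39m for \033[1;32m$minutes\033[0;39m minutes
| Use \033[1;33m./p2partisan.sh debug-display\033[0;39m to show the debug information
+---------------------------------------------------------------+"
  echo "# $now
sleep $time
iptables -D P2PARTISAN-DROP-IN -d $1 -j LOG --log-prefix \"P2Partisan-DEBUG-IN->> \" --log-level 1 > /dev/null 2>&1
iptables -D P2PARTISAN-DROP-OUT -s $1 -j LOG --log-prefix \"P2Partisan-DEBUG-OUT->> \" --log-level 1 > /dev/null 2>&1" > ./iptables-debug-del
  chmod 700 ./iptables-debug-del 2> /dev/null
  ./iptables-debug-del 1>/dev/null &
}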
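#######################################
# Show the syslog records that belong to the most recent debug session.
# Takes the last 800 lines of /var/log/messages, keeps the P2Partisan
# ones, trims them to start at the latest "Debug started for IP" record
# and prints the DEBUG entries with alternating background colours.
# Globals:   now, dfrom, dendtime, druntime, leftime, zzztime, c, fc
#            (written)
# Arguments: $1 - empty (inbound and outbound), "in" or "out"
# Outputs:   report on stdout; ./debug.log is rewritten as a side effect
#######################################
pdebugdisplay() {
  local banner pattern
  echo -e "
+------------------------- P2Partisan --------------------------+
_____ __ __ __ __
| \.-----.| |--.--.--.-----.______.--| |__|.-----.-----.| |.---.-.--.--.
| -- | -__|| _ | | | _ |______| _ | ||__ --| _ || || _ | | |
|_____/|_____||_____|_____|___ | |_____|__||_____| __||__||___._|___ |
|_____| |__| |_____|
+---------------------------------------------------------------+
| p2partisan.sh debug-display Displays in & outbound debug logs
| p2partisan.sh debug-display in Displays inbound debug logs only
| p2partisan.sh debug-display out Displays outbound debug logs only
+-------------------------- Drop Logs --------------------------+"

  # Timing of the current / last session, read back from the helper
  # scripts. Missing files or non-numeric content fall back to 0 so the
  # arithmetic below never sees anything but plain digits.
  dfrom=$(head -1 ./iptables-debug 2>/dev/null | awk '{print $2}')
  dendtime=$(head -2 ./iptables-debug-del 2>/dev/null | tail -n 1 | awk '{print $2}')
  case "$dfrom" in '' | *[!0-9]*) dfrom=0 ;; esac
  case "$dendtime" in '' | *[!0-9]*) dendtime=0 ;; esac
  now=$(date +%s)

  druntime=$((now - dfrom))
  h=$(((druntime / 3600) % 24))
  m=$(((druntime / 60) % 60))
  s=$((druntime % 60))
  druntime=$(printf "%02d:%02d:%02d\n" "$h" "$m" "$s")

  ttime=$((dfrom + dendtime))
  leftime=$((ttime - now))
  # Hours come from the remaining time, not from the elapsed time above.
  h=$(((leftime / 3600) % 24))
  m=$(((leftime / 60) % 60))
  s=$((leftime % 60))
  leftime=$(printf "%02d:%02d:%02d\n" "$h" "$m" "$s")
  zzztime=$((dendtime / 60))

  c=0
  rm ./debug.rev > /dev/null 2>&1
  tail -800 /var/log/messages 2>/dev/null | grep -i "P2Partisan" > ./debug.log

  # Walk the log newest-first and stop at the latest "Debug started"
  # record; what was collected up to there is written back in
  # chronological order. sed '1!G;h;$!d' reverses the line order.
  # Lines are handled quoted so log content is never glob-expanded.
  sed '1!G;h;$!d' ./debug.log |
  (
    while read -r line; do
      printf '%s\n' "$line" >> ./debug.rev
      case "$line" in
        *"Debug started for IP"*)
          sed '1!G;h;$!d' ./debug.rev > ./debug.log
          rm ./debug.rev > /dev/null 2>&1
          exit
          ;;
      esac
    done
  )

  # The three views differ only in banner text and grep pattern.
  case "$1" in
    "")
      banner="\033[48;5;60m+----------------------- INPUT & OUTPUT ------------------------+\033[0m"
      pattern="DEBUG"
      ;;
    in)
      banner="\033[48;5;60m+--------------------------- INPUT -----------------------------+\033[0m"
      pattern="DEBUG-IN"
      ;;
    out)
      banner="\033[48;5;60m+--------------------------- OUTPUT ----------------------------+\033[0m"
      pattern="DEBUG-OUT"
      ;;
    *)
      banner=""
      ;;
  esac

  if [ -n "$banner" ]; then
    echo -e "$banner"
    head -1 ./debug.log
    grep "$pattern" ./debug.log |
      awk '{printf "%s %s %s ",$1,$2,$3;for (i=4;i<=NF;i++) if ($i~/(IN|OUT|SRC|DST|PROTO|SPT|DPT)=/) printf "%s ",$i;print ""}' |
      while read -r line; do
        # Every second record gets a coloured background.
        [ $((c % 2)) -eq 1 ] && printf "\033[48;5;60m"
        printf "%s\033[0m\n" "$line"
        c=$((c + 1))
      done
    fc=$(iptables -L P2PARTISAN-DROP-IN | grep -c DEBUG)
    if [ "$fc" -ge 1 ]; then
      echo -e "\e[93mNOTE: debugging is active for $druntime /$zzztime min ($leftime left). Run this command again to update the report\033[0m"
    fi
    echo -e "$banner"
  fi
  echo -e "+---------------------------------------------------------------+"
}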
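#######################################
# Rebuild the "whitelist" ipset from ./whitelist.
# Each non-comment line is either added as-is (when it contains an IPv4
# address) or, when it looks like a host name, resolved with nslookup and
# every IPv4 address found in the answer is added.
# Globals:   none
# Arguments: none
# Returns:   non-zero when ./whitelist does not exist
#######################################
pwhitelist() {
  local octet ip_re host_re
  octet='(25[0-5]|2[0-4][0-9]|1[0-9][0-9]|[0-9][0-9]|[0-9])'
  # Unanchored on purpose: used to pick addresses out of longer text.
  # The separators are literal dots.
  ip_re="${octet}\\.${octet}\\.${octet}\\.${octet}"
  host_re='(([a-zA-Z]|[a-zA-Z][a-zA-Z0-9\-]*[a-zA-Z0-9])\.)*([A-Za-z]|[A-Za-z][A-Za-z0-9\-]*[A-Za-z0-9])'

  ipset -F whitelist
  [ -f ./whitelist ] || return
  cat ./whitelist | grep -v "^#" | grep -v "^$" | tr -d "\r" |
  (
    while read -r IP; do
      # Neither an address nor a host name starts with "-"; skipping such
      # lines keeps them from being read as options by ipset / nslookup.
      case "$IP" in
        -*) continue ;;
      esac

      # Classify every line from scratch so a line that matches neither
      # pattern is skipped instead of inheriting the previous verdict.
      q=""
      printf '%s\n' "$IP" | grep -E "$host_re" >/dev/null 2>&1 && q=1
      printf '%s\n' "$IP" | grep -E "$ip_re" >/dev/null 2>&1 && q=0

      if [ "$q" = 0 ]; then
        ipset -A whitelist "$IP"
      elif [ "$q" = 1 ]; then
        # Whatever the resolver answers becomes an allow-list entry.
        # NOTE(review): nslookup output normally also carries the
        # resolver's own address; only 127.0.0.1 is filtered out here --
        # confirm no unintended address ends up whitelisted.
        nslookup "$IP" | grep -Eo "$ip_re" | grep -v 127.0.0.1 |
          while read -r IPO; do
            ipset -A whitelist "$IPO"
          done
      fi
    done
  )
}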
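#######################################
# Rebuild the "blacklist-custom" ipset from ./blacklist-custom.
# Each non-comment line is either added as-is (when it contains an IPv4
# address) or, when it looks like a host name, resolved with nslookup;
# resolved addresses in 10/8, 172.16/12, 192.168/16 and 127.0.0.1 are
# left out.
# Globals:   none
# Arguments: none
# Returns:   non-zero when ./blacklist-custom does not exist
#######################################
pblacklistcustom() {
  local octet ip_re host_re
  octet='(25[0-5]|2[0-4][0-9]|1[0-9][0-9]|[0-9][0-9]|[0-9])'
  # Unanchored on purpose: used to pick addresses out of longer text.
  # The separators are literal dots.
  ip_re="${octet}\\.${octet}\\.${octet}\\.${octet}"
  host_re='(([a-zA-Z]|[a-zA-Z][a-zA-Z0-9\-]*[a-zA-Z0-9])\.)*([A-Za-z]|[A-Za-z][A-Za-z0-9\-]*[A-Za-z0-9])'

  ipset -F blacklist-custom
  [ -f ./blacklist-custom ] || return
  cat ./blacklist-custom | grep -v "^#" | grep -v "^$" | tr -d "\r" |
  (
    while read -r IP; do
      # Neither an address nor a host name starts with "-"; skipping such
      # lines keeps them from being read as options by ipset / nslookup.
      case "$IP" in
        -*) continue ;;
      esac

      # Classify every line from scratch so a line that matches neither
      # pattern is skipped instead of inheriting the previous verdict.
      q=""
      printf '%s\n' "$IP" | grep -E "$host_re" >/dev/null 2>&1 && q=1
      printf '%s\n' "$IP" | grep -E "$ip_re" >/dev/null 2>&1 && q=0

      if [ "$q" = 0 ]; then
        ipset -A blacklist-custom "$IP"
      elif [ "$q" = 1 ]; then
        # NOTE(review): nslookup output normally also carries the
        # resolver's own address. Private and loopback resolvers are
        # filtered below; a public resolver address would not be --
        # confirm it cannot end up blocked.
        nslookup "$IP" | grep -Eo "$ip_re" |
          grep -Ev '(^10\.|(^172\.1[6-9]\.|^172\.2[0-9]\.|^172\.3[0-1]\.)|^192\.168\.)' |
          grep -v 127.0.0.1 |
          while read -r IPO; do
            ipset -A blacklist-custom "$IPO"
          done
      fi
    done
  )
}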
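#######################################
# Start P2Partisan: load the ipset modules, build the custom blacklist and
# whitelist sets, download / load every list named in ./blacklists, write
# the iptables-add, iptables-del and ipset-del helper scripts and run
# iptables-add.
# Globals:   paranoiastuck, pidfile, wanif, now, syslogs, maxloghour,
#            fastroutine, greyports_tcp, greyports_udp, whiteports_tcp,
#            whiteports_udp (read); running4, pre, post, runtime, counter,
#            pos, p, p3, p4 and the transmission* / wanip values (written)
# Arguments: none
# Outputs:   progress banner on stdout
#######################################
pstart() {
  local group_awk
  # Regroups a comma-separated port list into several shorter lists:
  # entries holding a ":" (ranges) are flushed once seven are collected,
  # single ports once fifteen are collected, and the leftovers are merged
  # when the combination stays below fifteen separators.
  group_awk='{ gsub(/\n$/, "") } NF > 1 { r=(r ? r "," : "") $0; if (r ~ /([^,]*,){6}/) { print r; r=""; } next } { s=(s ? s "," : "") $0; if (s ~ /([^,]*,){14}/) { print s; s=""; } } END { if (r && s) { p = r "," s; if (p !~ /([^,:]*[:,]){15}/) { print p; r=s="" } } if (r) print r ; if (s) print s }'

  if [[ $paranoiastuck -gt 1 ]]; then
    punblock
  fi

  if [ -f "$pidfile" ]; then running4=1; else running4=0; fi
  if [ "$running4" -ne 0 ]; then
    echo -e "
+------------------------- P2Partisan --------------------------+
| _______ __ __
| | __| |_.---.-.----.| |_
| |__ | _| _ | _|| _|
| already |_______|____|___._|__| |____| ed
|
+---------------------------------------------------------------+
| It appears like P2Partisan is already running. Skipping...
|
| Is this is not what you expected? Try:
| \033[1;33m./p2partisan.sh update\033[0;39m
+---------------------------------------------------------------+
"
    return
  fi

  # NOTE(review): the lock file and /tmp/iptables-add.tmp below use fixed
  # names under /tmp. That is only safe while nothing else on the device
  # can create files there; a mktemp-created directory would remove the
  # assumption.
  [ -f /tmp/p2partisan.loading ] && echo "P2Partisan is still loading. Exiting..." && exit
  touch /tmp/p2partisan.loading
  /bin/ntpsync > /dev/null 2>&1
  pre=$(date +%s)
  sleep 1
  echo $$ > "$pidfile"
  [ -e iptables-add ] && rm iptables-add
  [ -e iptables-del ] && rm iptables-del
  [ -e ipset-del ] && rm ipset-del
  echo -e "
+------------------------- P2Partisan --------------------------+
| _______ __ __
| | __| |_.---.-.----.| |_
| |__ | _| _ | _|| _|
| |_______|____|___._|__| |____|
|
+---------------------------------------------------------------+
+--------- PREPARATION --------"
  echo "| Loading the ipset modules"
  lsmod | awk '{print $1}' | grep "ip_set" > /dev/null 2>&1 || insmod ip_set
  lsmod | awk '{print $1}' | grep "ip_set_iptreemap" > /dev/null 2>&1 || insmod ip_set_iptreemap
  lsmod | awk '{print $1}' | grep "ipt_set" > /dev/null 2>&1 || insmod ipt_set
  counter=0
  pos=1
  echo "+---- CUSTOM IP BLACKLIST -----
| preparing blacklist-custom ..."
  echo "| Loading blacklist #$counter --> ***Custom IP blacklist***"
  # Swapping a set with itself is used as an "exists?" probe.
  if [ "$(ipset --swap blacklist-custom blacklist-custom 2>&1 | grep 'Unknown set')" != "" ]; then
    ipset --create blacklist-custom iptreemap > /dev/null 2>&1
  fi
  pblacklistcustom
  [ -e /tmp/iptables-add.tmp ] && rm /tmp/iptables-add.tmp > /dev/null 2>&1

  echo "+--------- GREYPORTs ----------"
  echo $greyports_tcp | awk -v RS=',' -F : "$group_awk" | while read -r w; do
    echo "| Loading grey TCP ports $w"
    echo "iptables -A P2PARTISAN-IN -i $wanif -p tcp --match multiport --dports $w -g P2PARTISAN-LISTS-IN 2> /dev/null
iptables -A P2PARTISAN-OUT -o $wanif -p tcp --match multiport --sports $w -g P2PARTISAN-LISTS-OUT 2> /dev/null" >> /tmp/iptables-add.tmp
  done
  echo $greyports_udp | awk -v RS=',' -F : "$group_awk" | while read -r w; do
    echo "| Loading grey UDP ports $w"
    echo "iptables -A P2PARTISAN-IN -i $wanif -p udp --match multiport --dports $w -g P2PARTISAN-LISTS-IN 2> /dev/null
iptables -A P2PARTISAN-OUT -o $wanif -p udp --match multiport --sports $w -g P2PARTISAN-LISTS-OUT 2> /dev/null" >> /tmp/iptables-add.tmp
  done

  # Get transmission port for greylisting if enabled
  transmissionenable=$(nvram get bt_enable)
  if [ "$transmissionenable" = 1 ]; then
    transmissionport=$(nvram get bt_port 2> /dev/null)
    wanip=$(nvram get wan_ipaddr)
    # p3 / p4 say whether the port is already a greyport. The comparison is
    # against whole comma-separated entries (the earlier single-quoted grep
    # never expanded the variable, so it always reported "not listed").
    case ",$greyports_tcp," in
      *",$transmissionport,"*) p3=1 ;;
      *) p3=0 ;;
    esac
    case ",$greyports_udp," in
      *",$transmissionport,"*) p4=1 ;;
      *) p4=0 ;;
    esac
    # The port is written into a script that is executed later: only a
    # plain number is accepted.
    case "$transmissionport" in
      '' | *[!0-9]*)
        p3=1
        p4=1
        ;;
    esac
    if [ "$p3" -eq 0 ]; then
      echo "iptables -A P2PARTISAN-IN -i $wanif -p tcp -d $wanip --dport $transmissionport -g P2PARTISAN-LISTS-IN 2> /dev/null
iptables -A P2PARTISAN-OUT -o $wanif -p tcp -s $wanip --sport $transmissionport -g P2PARTISAN-LISTS-OUT 2> /dev/null" >> /tmp/iptables-add.tmp
    fi
    if [ "$p4" -eq 0 ]; then
      echo "iptables -A P2PARTISAN-IN -i $wanif -p udp -d $wanip --dport $transmissionport -g P2PARTISAN-LISTS-IN 2> /dev/null
iptables -A P2PARTISAN-OUT -o $wanif -p udp -s $wanip --sport $transmissionport -g P2PARTISAN-LISTS-OUT 2> /dev/null" >> /tmp/iptables-add.tmp
    fi
  fi

  echo "+--------- WHITEPORTs ---------"
  echo $whiteports_tcp | awk -v RS=',' -F : "$group_awk" | while read -r w; do
    echo "| Loading white TCP ports $w"
    echo "iptables -A P2PARTISAN-IN -i $wanif -p tcp --match multiport --sports $w -j RETURN 2> /dev/null
iptables -A P2PARTISAN-IN -i $wanif -p tcp --match multiport --dports $w -j RETURN 2> /dev/null
iptables -A P2PARTISAN-OUT -o $wanif -p tcp --match multiport --sports $w -j RETURN 2> /dev/null
iptables -A P2PARTISAN-OUT -o $wanif -p tcp --match multiport --dports $w -j RETURN 2> /dev/null" >> /tmp/iptables-add.tmp
  done
  echo $whiteports_udp | awk -v RS=',' -F : "$group_awk" | while read -r w; do
    echo "| Loading white UDP ports $w"
    echo "iptables -A P2PARTISAN-IN -i $wanif -p udp --match multiport --sports $w -j RETURN 2> /dev/null
iptables -A P2PARTISAN-IN -i $wanif -p udp --match multiport --dports $w -j RETURN 2> /dev/null
iptables -A P2PARTISAN-OUT -o $wanif -p udp --match multiport --sports $w -j RETURN 2> /dev/null
iptables -A P2PARTISAN-OUT -o $wanif -p udp --match multiport --dports $w -j RETURN 2> /dev/null" >> /tmp/iptables-add.tmp
  done
  echo "iptables -A P2PARTISAN-IN -j P2PARTISAN-LISTS-IN 2> /dev/null
iptables -A P2PARTISAN-OUT -j P2PARTISAN-LISTS-OUT 2> /dev/null" >> /tmp/iptables-add.tmp

  echo "# $now
iptables -N P2PARTISAN-IN 2> /dev/null
iptables -N P2PARTISAN-OUT 2> /dev/null
iptables -N P2PARTISAN-LISTS-IN 2> /dev/null
iptables -N P2PARTISAN-LISTS-OUT 2> /dev/null
iptables -N P2PARTISAN-DROP-IN 2> /dev/null
iptables -N P2PARTISAN-DROP-OUT 2> /dev/null
iptables -F P2PARTISAN-IN 2> /dev/null
iptables -F P2PARTISAN-OUT 2> /dev/null
iptables -F P2PARTISAN-LISTS-IN 2> /dev/null
iptables -F P2PARTISAN-LISTS-OUT 2> /dev/null
iptables -F P2PARTISAN-DROP-IN 2> /dev/null
iptables -F P2PARTISAN-DROP-OUT 2> /dev/null
iptables -A P2PARTISAN-IN -m set --set blacklist-custom src -j P2PARTISAN-DROP-IN 2> /dev/null
iptables -A P2PARTISAN-OUT -m set --set blacklist-custom dst -j P2PARTISAN-DROP-OUT 2> /dev/null" > iptables-add
  echo "# $now
iptables -D wanin -i $wanif -m state --state NEW -j P2PARTISAN-IN >/dev/null 2>&1
iptables -D wanout -o $wanif -m state --state NEW -j P2PARTISAN-OUT >/dev/null 2>&1
iptables -D INPUT -i $wanif -m state --state NEW -j P2PARTISAN-IN >/dev/null 2>&1
iptables -D OUTPUT -o $wanif -m state --state NEW -j P2PARTISAN-OUT >/dev/null 2>&1
iptables -F P2PARTISAN-DROP-IN >/dev/null 2>&1
iptables -F P2PARTISAN-DROP-OUT >/dev/null 2>&1
iptables -F P2PARTISAN-LISTS-IN >/dev/null 2>&1
iptables -F P2PARTISAN-LISTS-OUT >/dev/null 2>&1
iptables -F P2PARTISAN-IN >/dev/null 2>&1
iptables -F P2PARTISAN-OUT >/dev/null 2>&1
iptables -X P2PARTISAN-IN >/dev/null 2>&1
iptables -X P2PARTISAN-OUT >/dev/null 2>&1
iptables -X P2PARTISAN-LISTS-IN >/dev/null 2>&1
iptables -X P2PARTISAN-LISTS-OUT >/dev/null 2>&1
iptables -X P2PARTISAN-DROP-IN >/dev/null 2>&1
iptables -X P2PARTISAN-DROP-OUT >/dev/null 2>&1" >> iptables-del

  echo "+--------- WHITE IPs ---------"
  echo "| preparing IP whitelist ..."
  #Load the whitelist
  if [ "$(ipset --swap whitelist whitelist 2>&1 | grep 'Unknown set')" != "" ]; then
    ipset --create whitelist iptreemap > /dev/null 2>&1
  fi
  pwhitelist
  echo "# $now
ipset -F
ipset -X blacklist-custom
ipset -X whitelist" > ipset-del
  echo "| Loading IP whitelist"
  echo "iptables -A P2PARTISAN-IN -m set --set whitelist src -j RETURN > /dev/null 2>&1
iptables -A P2PARTISAN-IN -m set --set whitelist dst -j RETURN > /dev/null 2>&1
iptables -A P2PARTISAN-OUT -m set --set whitelist src -j RETURN > /dev/null 2>&1
iptables -A P2PARTISAN-OUT -m set --set whitelist dst -j RETURN > /dev/null 2>&1" >> iptables-add
  cat /tmp/iptables-add.tmp >> iptables-add
  rm /tmp/iptables-add.tmp > /dev/null 2>&1
  if [ "$syslogs" -eq 1 ]; then
    echo "iptables -A P2PARTISAN-DROP-IN -m limit --limit $maxloghour/hour --limit-burst 1 -j LOG --log-prefix \"P2Partisan Dropped IN >> \" --log-level 1 2> /dev/null
iptables -A P2PARTISAN-DROP-OUT -m limit --limit $maxloghour/hour --limit-burst 1 -j LOG --log-prefix \"P2Partisan Rejected OUT >> \" --log-level 1 2> /dev/null" >> iptables-add
  fi
  echo "iptables -A P2PARTISAN-DROP-IN -j DROP
iptables -A P2PARTISAN-DROP-OUT -j REJECT --reject-with icmp-admin-prohibited" >> iptables-add

  echo "+------- IP BLACKLISTs -------"
  # Each line of ./blacklists is "<set name> <download URL>".
  # NOTE(review): the downloads are used as fetched; no checksum or
  # signature check is visible here, so list content has to be treated as
  # untrusted input.
  cat blacklists | grep -v "^#" | grep -v "^$" | tr -d "\r" |
  (
    while read -r line; do
      counter=$((counter + 1))
      name=$(echo $line | awk '{print $1}')
      url=$(echo $line | awk '{print $2}')
      echo "| loading blacklist #$counter --> ***$name***"
      if [ "$fastroutine" -eq 1 ]; then
        if [ "$(ipset --swap "$name" "$name" 2>&1 | grep 'Unknown set')" != "" ]; then
          [ -e ./runtime ] && rm -f ./runtime 2> /dev/null
          [ -e "$name.gz" ] || wget -q -O "$name.gz" "$url"
          # The list is turned into an "ipset -R" command stream. Only
          # lines of the exact shape "-A <this set> <address or range>"
          # are let through, so nothing in the download can act as a
          # different restore command; private ranges are dropped here
          # because the rewritten lines no longer start with the address.
          {
            echo "-N $name iptreemap"
            gunzip -c "$name.gz" |
              tr -d '\r' |
              sed -e "/^[\t ]*#.*\|^[\t ]*$/d;s/^.*:/-A $name /" |
              awk -v n="$name" 'NF == 3 && $1 == "-A" && $2 == n && $3 ~ /^[0-9][-0-9.]*$/ && $3 !~ /^(10\.|172\.(1[6-9]|2[0-9]|3[01])\.|192\.168\.)/'
            echo COMMIT
          } | ipset -R
        fi
      else
        if [ "$(ipset --swap "$name" "$name" 2>&1 | grep 'Unknown set')" != "" ]; then
          [ -e ./runtime ] && rm -f ./runtime 2> /dev/null
          ipset --create "$name" iptreemap
          [ -e "$name.lst" ] || wget -q -O - "$url" | gunzip | cut -d: -f2 | grep -E "^[-0-9.]+$" | grep -Ev '(^10\.|(^172\.1[6-9]\.|^172\.2[0-9]\.|^172\.3[0-1]\.)|^192\.168\.)' > "$name.lst"
          # Entries were filtered to digits, dots and dashes when the
          # .lst file was written, so plain word splitting is enough.
          for IP in $(cat "$name.lst"); do
            ipset -A "$name" "$IP"
          done
        fi
      fi
      echo "ipset -X $name " >> ipset-del
      echo "iptables -A P2PARTISAN-LISTS-IN -m set --set $name src -j P2PARTISAN-DROP-IN 2> /dev/null
iptables -A P2PARTISAN-LISTS-OUT -m set --set $name dst -j P2PARTISAN-DROP-OUT 2> /dev/null" >> iptables-add
    done
    echo "iptables -A P2PARTISAN-LISTS-IN -i $wanif -j RETURN 2> /dev/null
iptables -A P2PARTISAN-LISTS-OUT -o $wanif -j RETURN 2> /dev/null" >> iptables-add
  )
  echo "iptables -I INPUT $pos -i $wanif -m state --state NEW -j P2PARTISAN-IN 2> /dev/null
iptables -I OUTPUT $pos -o $wanif -m state --state NEW -j P2PARTISAN-OUT 2> /dev/null
iptables -I wanin $pos -i $wanif -m state --state NEW -j P2PARTISAN-IN 2> /dev/null
iptables -I wanout $pos -o $wanif -m state --state NEW -j P2PARTISAN-OUT 2> /dev/null" >> iptables-add

  # Owner-only: these generated scripts are executed with this script's
  # privileges and must not be writable by anyone else.
  chmod 700 ./iptables-*
  chmod 700 ./ipset-*
  ./iptables-add #protecting
  plog "... P2Partisan started"
  echo "+------------------------- Controls ----------------------------+"
  p=$(nvram get dnsmasq_custom | grep -c log-async)
  if [ "$p" -eq 1 ]; then
    plog "log-async found under dnsmasq -> OK"
    echo "+---------------------------------------------------------------+"
  else
    plog "
| It appears like you don't have a log-async parameter in your dnsmasq
| config. This is strongly suggested due to the amount of logs involved,
| especially while debugging to consider adding the following command
| under Advanced/DHCP/DNS/Dnsmasq Custom configuration:
|
| log-async=20
|
+---------------------------------------------------------------+"
  fi
  punblock #remove paranoia DROPs if any
  post=$(date +%s)
  runtime=$((post - pre))
  [ -f ./runtime ] || echo $runtime > ./runtime
  [ -f /tmp/p2partisan.loading ] && rm -r "/tmp/p2partisan.loading" >/dev/null 2>&1
}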
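# Command dispatch. $1 selects the action, $2 / $3 are its arguments.
# Actions that do not "exit" (restart, update, paranoia-update and the
# upgrade variants) fall through to the pstart call at the bottom; with no
# argument at all the loop body never runs and pstart is called directly.
# $1 stays unquoted on purpose so that an empty argument list yields zero
# iterations; $2 / $3 are passed quoted so user input reaches the handlers
# as exactly one argument each.
# shellcheck disable=SC2086
for p in $1
do
  case "$p" in
    "start")
      pstart
      exit
      ;;
    "stop")
      pforcestop
      exit
      ;;
    "restart")
      psoftstop
      ;;
    "status")
      pstatus
      exit
      ;;
    "pause")
      psoftstop
      exit
      ;;
    "detective")
      pdetective
      exit
      ;;
    "test")
      ptest "$2"
      exit
      ;;
    "debug")
      pdebug "$2" "$3"
      exit
      ;;
    "debug-display")
      pdebugdisplay "$2"
      exit
      ;;
    "update")
      pforcestop
      echo "| Now updating..."
      ;;
    "paranoia-update")
      echo -e "
+------------------------- P2Partisan --------------------------+
| ______ __
| | __ \.---.-.----.---.-.-----.-----.|__|.---.-.
| | __/| _ | _| _ | | _ || || _ |
| |___| |___._|__| |___._|__|__|_____||__||___._| update
|
+---------------------------------------------------------------+"
      pblock
      pforcestop
      ;;
    "autorun-on")
      pautorunset
      exit
      ;;
    "autorun-off")
      pautorununset
      exit
      ;;
    "autoupdate-on")
      pscheduleset
      exit
      ;;
    "autoupdate-off")
      pscheduleunset
      exit
      ;;
    "tutor-on")
      ptutorset
      exit
      ;;
    "tutor-off")
      ptutorunset
      exit
      ;;
    "tutor")
      ptutor
      exit
      ;;
    "upgrade")
      pupgrade
      ;;
    "upgrade-silent")
      pupgradesilent
      ;;
    "upgrade-beta")
      pupgradebeta
      ;;
    "help")
      # The version string is taken from line 3 of the script itself.
      version=$(head -3 ./p2partisan.sh | tail -1 | cut -f 3- -d " ")
      echo -e "\033[48;5;60m
______ ______ ______ __ __
| __ \__ | __ \.---.-.----.| |_|__|.-----.---.-.-----.
| __/ __| __/| _ | _|| _| ||__ --| _ | |
|___| |______|___| |___._|__| |____|__||_____|___._|__|__| $version
\e[39m\e[49m
help Display this text
\e[97mstart Starts the process (this runs also if no option is provided)
stop Stops P2Partisan
restart Soft restart, updates whiteports & whitelist only
pause Soft stop P2Partisan allowing for quick start
update Hard restart, slow removes p2partisan, updates
the lists and does a fresh start
paranoia-update Like update but blocks any new connection until
P2Partisan is running again\e[39m
status Display P2Partisan running status + extra info
\e[93mtest <IP> Verify existence of the given IP against lists
debug Shows a guide on how to operate debug
debug-display <in|out> Shows all the logs relevant to the last debug only
detective Determines highest impact IPs:ports (number of sessions)
\e[36mautorun-on Sets P2Partisan to boot with the router
autorun-off Sets P2Partisan not to boot with the router
autoupdate-on Sets automatic weekly updates to on
autoupdate-off Sets automatic weekly updates to off
tutor-on Sets hourly running-status checks to on
tutor-off Sets hourly running-status checks to off
upgrade Download and install the latest P2Partisan\e[39m
"
      exit
      ;;
    *)
      echo "parameter not valid. please run:
p2partisan.sh help
"
      exit
      ;;
  esac
done
pstart
exit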