Sunday, 9 December 2018

Cache peers control - firewall for illegal cache peers

A simple script to ban those "cache alert" peers. It is actually very simple: it scans multics.cfg for cache peers, first allows their DNS names through the firewall, and in the end drops all other incoming connections to the cache port.

Installation:

Also very simple:
1. Download the script from the attachment and put it in the /bin or /usr/sbin folder on your server.
2. Open the script in your favorite text editor and edit the following lines according to your configuration:
#============================================
IPTABLES="/sbin/iptables"
MULTICS_CFG_PATH="/var/etc"
MULTICS_CFG_NAME="multics.cfg"
CACHE_PORT="10000"
#============================================
IPTABLES - don't touch this
MULTICS_CFG_PATH - as it says, the path to your multics.cfg
MULTICS_CFG_NAME - the EXACT name of multics.cfg
CACHE_PORT - your cache port

3. Save your settings and start a terminal/PuTTY session.

4. If the script is in /bin or /usr/sbin, start it by running a simple command:
cache

After that, you will see iptables adding rules for the DNS addresses it allows on your server, and in the end adding rules to drop all other unknown traffic on your cache port.

That should remove those "cache alert" peers.

IMPORTANT: when you add any other peer to your multics.cfg, you need to run the command again. You can also run the command whenever you want, even more than once, after adding or deleting peers.
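The approach described above, as an added sketch that is not the downloadable script: it only prints the iptables commands for review instead of running them. It assumes peers appear in multics.cfg as "CACHE PEER: <host> <port>" lines; the chain name CACHE_PEERS, the PROTO value and the sample config are made up for illustration.

```shell
#!/bin/sh
# Added example (not the downloadable script): prints rules, runs nothing.
# Assumption: peers are declared as "CACHE PEER: <host> <port>" lines.
CHAIN="CACHE_PEERS"  # hypothetical dedicated chain, so re-runs never stack rules
PROTO="udp"          # assumption: set to the protocol your cache port uses

# List peer hosts from the config. Commented-out lines are skipped, and names
# that are not plain host/IP strings (e.g. "-j") never reach iptables.
peer_hosts() {
    awk 'toupper($1 " " $2) == "CACHE PEER:" { print $3 }' "$1" |
    grep -E '^[A-Za-z0-9][A-Za-z0-9.-]*$' | sort -u
}

# Emit the iptables commands for one config file and cache port.
gen_rules() {   # usage: gen_rules <cfg> <cache_port>
    case "$2" in ''|*[!0-9]*) echo "bad port: $2" >&2; return 1 ;; esac
    # Create the chain, or empty it if it already exists (safe to re-run).
    echo "iptables -N $CHAIN 2>/dev/null || iptables -F $CHAIN"
    peer_hosts "$1" | while read -r host; do
        echo "iptables -A $CHAIN -s $host -j ACCEPT"
    done
    # Everything that is not a configured peer is dropped.
    echo "iptables -A $CHAIN -j DROP"
    # Hook the chain into INPUT only if the jump rule is not there yet.
    echo "iptables -C INPUT -p $PROTO --dport $2 -j $CHAIN 2>/dev/null ||" \
         "iptables -I INPUT -p $PROTO --dport $2 -j $CHAIN"
}

# Constructed sample config, for illustration only.
sample_cfg() {
cat <<'EOF'
CACHE PORT: 10000
CACHE PEER: peer1.example.net 10000
# CACHE PEER: disabled.example.net 10000
CACHE PEER: -j 10000
CACHE PEER: peer2.example.org 10000
EOF
}

cfg=$(mktemp) && sample_cfg > "$cfg" && gen_rules "$cfg" 10000
rm -f "$cfg"
```

iptables resolves a hostname to its addresses at the moment the rule is added, so a peer on dynamic DNS is only allowed at the address it had when the rules were last rebuilt.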


Download
https://drive.google.com/file/d/1oJMKWvg0OwSDP69xaVpvEcr0YiaKz362/view?usp=sharing
