Deprecation notice
We do not recommend using this script for new production installations as it does not support majority of new capabilities provided by our product. Please use JSON based scripts instead: Python callback script and Perl callback script.
Introduction
FastNetMon can call single script directly but if you need more scripts to execute multiple actions you will need additional script.
We offer example for “text” mode notify script which can call multiple notify scripts.
Create file /etc/fastnetmon_wrapper.sh with following content:
#!/usr/bin/env bash
# This script will get following params:
# $1 client_ip_as_string
# $2 data_direction
# $3 pps_as_string
# $4 action (ban or unban)
# You can run as much as you want scripts here one by one
declare -a notify_scripts=("/opt/fastnetmon_script1.sh" "/opt/fastnetmon_script2.sh")
if [ "$4" = "unban" ]; then
# No details arrived to stdin here
for script in "${notify_scripts[@]}"
do
$script $@
done
exit 0
fi
if [ "$4" = "ban" ]; then
# Save attack details in temp file
cat > /tmp/fastnetmon.attack.details_$
for script in "${notify_scripts[@]}"
do
cat /tmp/fastnetmon.attack.details_$ | $script $@
done
exit 0
fi
Make this script executable:
sudo chmod +x /etc/fastnetmon_wrapper.sh
And specify it for FastNetMon:
sudo fcli set main notify_script_path /etc/fastnetmon_wrapper.sh sudo fcli set main notify_script_format text sudo fcli commit
Before using it in production, please test this script.
Example ban:
echo "Attack details" | /etc/fastnetmon_wrapper.sh 11.22.33.44 incoming 100500 ban
Example unban:
/etc/fastnetmon_wrapper.sh 11.22.33.44 incoming 100500 unban