dynipdrop

 
About
 
README/Install
 
Download
 
FAQ
 
 

1. INSTALL

Run "make" at first, Copy the floowing file to your prefix path:

		dynipdrop
		dynipdrop.conf
		ipdrop_local
		ipdrop_udp
		sshdprotector
		sshdprotector.conf
For example, I copy into "/server/dynipdrop".

2. MAKE A DYNIPDROP DAEMON

o. Modify <config-file-install-path>/dynipdrop.conf, confirm the "iptable_path" (in [global] group) is correct.

o. change "listen_ip", "listen_port" and "share_key" in [global] group (use by "dynipdrop_udp" command line).

o. modify [controler_ip] group value, "dynipdrop" daemon only receive the udp ids-inform package from these ip.

o. modify [do_not_drop_ip] group value, add all "don't drop ip" ip/mask.
--* remember add the gateway ip in here. *--

(NOTE: "dynipdrop" daemon never drop the ip/mask in [controler_ip] or [do_not_drop_ip] groups.)

o. Run "<install-path>/dynipdrop <config-file-install-path>/dynipdrop.conf", for example:

		/server/dynipdrop/dynipdrop /server/dynipdrop/dynipdrop.conf
o. See the mesaage "/server/dynipdrop/dynipdrop worked in background." dynipdrop daemon is running.

3. SEND DROP IP FROM LOCAL
(for example: I'm in the server, and want to tell this server drop 172.16.18.220 ip 60 seconds.)

o. confirm "dynipdrop" daemon running.

o. run "<install-path>/ipdrop_local <drop-ip> <drop-time(seconds)>", like:

		/server/dynipdrop/ipdrop_local 172.16.18.220 60
o. That's ok. you can use "iptables -L INPUT -n|head -n10" to show the INPUT rule, you will see the message like this:
		#iptables -L INPUT -n|head -n10
		Chain INPUT (policy ACCEPT)
		target     prot opt source               destination         
		DROP       all  --  172.16.18.220        0.0.0.0/0           /* DYNIPDROP */ 
o. This rule will be automatically deleted after 60 seconds passed.

4. SEND DROP IP FROM REMOTE-SERVER
(for example: I'm in sniffer-server, and want to tell another server(server-ip: 192.168.1.10, dynipdrop "listen_port" set to 1001 and "share-key" is "aaa") to drop 172.16.18.220 ip 60 seconds.)

o. confirm "dynipdrop" daemon running.

o. run "<install-path>/ipdrop_udp <server-ip> <server-port> <drop-ip> <drop-time(seconds)> <share-key>", like:

		/server/dynipdrop/ipdrop_udp 192.168.1.10 1001 172.16.18.220 60 aaa
o. That's ok. you can login the 192.168.1.10 server and use "iptables -L INPUT -n|head -n10" to show the INPUT rule, you will see the message like this:
		#iptables -L INPUT -n|head -n10
		Chain INPUT (policy ACCEPT)
		target     prot opt source               destination         
		DROP       all  --  172.16.18.220        0.0.0.0/0           /* DYNIPDROP */ 
o. This rule will be automatically deleted after 60 seconds passed.

-- Cheng Dong [ ccdong[-at-]gmail[dot]com ] [ http://hwmonitor.sf.net]
 

 
 
-- Go Top --