Wednesday, September 24, 2008

Perl Script to Update Recommended IP Block Ranges

Yesterday, I started down the road of learning to develop in Perl. Came up with the idea of updating my OpenBSD firewall badhosts table with the DShields recommended IP block range list.

In order to get it to run I had to install the p5-LWP-UserAgent-Determined-1.03.tgz package on the OpenBSD system.

Configured Cron to run the script:
sudo crontab -e
* 23 * * * /usr/bin/perl /etc/bhupdate.pl >/dev/null 2>&1

----Part of pf.conf-------------

table <badhosts> persist file "/etc/badhosts"

block in log quick on $ext_if from <badhosts> \
label "Badhosts in"
block out log quick on $ext_if to <badhosts> \
label "Badhosts out"

--------------------------------------------------

Here is the Perl script:

#!/usr/local/bin/perl -w
use LWP::Simple;

#open the badhosts file and load it to an array
open(BH,"/etc/badhosts");
@badhosts = ;
close BH;

#create arrays and get recommended block data from site
@badips = ();
@dshield = split("\n",get('http://feeds.dshield.org/block.txt'));

foreach $newrange(@dshield)
{
#check to see if line starts with an ip. if so then
#pull only the first ip

if($newrange =~ m/^\d/i)
{
@ipinfo = split("\t",$newrange);
$ip = "$ipinfo[0]/24\n";

$counter = 0;

#check to see if ip range is already listed in badhosts file
#if not then load in into badips array

foreach $badrange(@badhosts)
{
if($badrange eq $ip)
{
$counter++;
}
}

if($counter == 0)
{
push(@badips,$ip);
}

}

}

#append badhosts file with newly recommended block ranges
open(BH,">>/etc/badhosts");
print BH @badips;
close BH;

system("pfctl -f /etc/pf.conf")

Friday, September 12, 2008

Quick Way to Change File Extensions in the Same Folder

I was given the task of searching a few hundred archived Eudora mailbox files today for a certain email address. Didn't want to install Eudora on a system so I just opened the files with Notepad. The problem I ran into was that Windows Search wouldn't search the .mbx files.

So I needed to quickly change all the .mbx files in the folder to .txt extension so that Windows Search could scan them. Thought VBScript would be a good way; however, found that it would take too much code to just do a simple task.

Instead I went back to the command line and used the following command on the folder:

ren *.mbx *.txt

This allowed me to quickly find the requested email data using Windows Search.