/usr/sbin/shield-trigger is in libpam-shield 0.9.6-1.1.
This file is owned by root:root, with mode 0o755.
The actual contents of the file can be viewed below.
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 | #! /bin/sh
#
# shield-trigger WJ107
#
# pam_shield 0.9.6 WJ107
# Copyright (C) 2007-2012 Walter de Jong <walter@heiho.net>
# and Jonathan Niehof <jtniehof@gmail.com>
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation; either version 2 of the License, or
# (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
#
null_route() {
#
# louzy detection of IPv4 or IPv6 address
#
INET=`echo "$2" | sed 's/[0-9\.]//g'`
if [ -z "$INET" ]
then
INET=""
GW="127.0.0.1"
else
INET="-f inet6"
GW="::1"
fi
if [ -x /sbin/ip ]
then
/sbin/ip $INET route $1 blackhole $2
else
if [ ! -z "$INET" ]
then
INET="-A inet6"
fi
/sbin/route $INET $1 -host $2 gw $GW dev lo
fi
# mail -s "[security] pam_shield blocked $2" root <<EOF
#Another monkey kept off our backs ...
#EOF
}
### usually no editing is needed beyond this point ###
usage() {
echo "shield-trigger WJ107"
echo "usage: ${0##*/} [add|del] <IP number>"
echo
echo "shield-trigger is normally called by the pam_shield PAM module"
exit 1
}
PATH=/sbin:/usr/sbin:/bin:/usr/bin
if [ -z "$2" ]
then
usage
fi
case "$1" in
add)
logger -i -t shield-trigger -p authpriv.info "blocking $2"
CMD="add"
IP=$2
;;
del)
logger -i -t shield-trigger -p authpriv.info "unblocking $2"
CMD="del"
IP=$2
;;
*)
usage
;;
esac
null_route "$CMD" "$IP"
exit 0 # make pam_shield happy
# EOB
|