Blackhole will load automatically, dps.sh will show blackhole status

2025-07-01 12:32:12 +00:00 · 2022-02-07 15:57:09 +00:00 · 2022-02-07 15:57:09 +00:00 · 148fd335c5
commit 148fd335c5
parent 3cc90fdf8e
3 changed files with 39 additions and 8 deletions
--- a/bin/blackhole.sh
+++ b/bin/blackhole.sh
@ -16,7 +16,8 @@ if [ "$1" == "" ];
    echo "### This script will download and add blackhole routes for known mass scanners in an attempt to decrease the chance of detection."
    echo "### IPs are neither curated or verified, use at your own risk!"
    echo "###"
-    echo "### Routes are not added permanently, if you wish a persistent solution add this script to /etc/rc.local to be started after boot."
+    echo "### As long as <blackhole.sh del> is not executed the routes will be re-added on T-Pot start through </opt/tpot/bin/updateip.sh>."
+    echo "### Check with <ip r> or <dps.sh> if blackhole is enabled."
    echo
    echo "Usage: blackhole.sh add (add blackhole routes)" 
    echo "       blackhole.sh del (delete blackhole routes)"
--- a/bin/dps.sh
+++ b/bin/dps.sh
@ -17,14 +17,36 @@ myBLUE="[1;34m"
 myWHITE="[0;0m"
 myMAGENTA="[1;35m"

+# Blackhole Status
+myBLACKHOLE_STATUS=$(ip r | grep "blackhole" -c)
+if [ "$myBLACKHOLE_STATUS" -gt "500" ];
+  then
+    myBLACKHOLE_STATUS="${myGREEN}ENABLED"
+  else
+    myBLACKHOLE_STATUS="${myRED}DISABLED"
+fi
+
+function fuGETTPOT_STATUS {
+# T-Pot Status
+myTPOT_STATUS=$(systemctl status tpot | grep "Active" | awk '{ print $2 }')
+if [ "$myTPOT_STATUS" == "Active" ];
+  then
+    echo "${myGREEN}ACTIVE"
+  else
+    echo "${myRED}INACTIVE"
+fi
+}
+
 function fuGETSTATUS {
 grc --colour=on docker ps -f status=running -f status=exited --format "table {{.Names}}\t{{.Status}}\t{{.Ports}}" | grep -v "NAME" | sort
 }

 function fuGETSYS {
-printf "========| System |========\n"
-printf "%+10s %-20s\n" "Date: " "$(date)"
-printf "%+10s %-20s\n" "Uptime: " "$(uptime | cut -b 2-)"
+printf "[ ========| System |======== ]\n"
+printf "${myBLUE}%+11s ${myWHITE}%-20s\n" "DATE: " "$(date)"
+printf "${myBLUE}%+11s ${myWHITE}%-20s\n" "UPTIME: " "$(uptime | cut -b 2-)"
+printf "${myMAGENTA}%+11s %-20s\n" "T-POT: " "$(fuGETTPOT_STATUS)"
+printf "${myMAGENTA}%+11s %-20s\n" "BLACKHOLE: " "$myBLACKHOLE_STATUS${myWHITE}"
 echo
 }

--- a/bin/updateip.sh
+++ b/bin/updateip.sh
@ -10,12 +10,20 @@ if [ "$myEXTIP" = "" ];
    myEXTIP=$myLOCALIP
 fi

-myBLACKHOLE_STATUS=$(ip r | grep "blackhole" -c)
-if [ "$myBLACKHOLE_STATUS" -gt "3000" ];
+# Load Blackhole routes if enabled 
+myBLACKHOLE_FILE1="/etc/blackhole/mass_scanner.txt"
+myBLACKHOLE_FILE2="/etc/blackhole/mass_scanner_cidr.txt"
+if [ -f "$myBLACKHOLE_FILE1" ] || [ -f "$myBLACKHOLE_FILE2" ];
  then
-    myBLACKHOLE_STATUS="| [1;34mBLACKHOLING MASS SCANNERS: [ [0;37mENABLED[1;34m ][0m"
+    /opt/tpot/bin/blackhole.sh add
+fi
+
+myBLACKHOLE_STATUS=$(ip r | grep "blackhole" -c)
+if [ "$myBLACKHOLE_STATUS" -gt "500" ];
+  then
+    myBLACKHOLE_STATUS="| [1;34mBLACKHOLE: [ [0;37mENABLED[1;34m ][0m"
  else
-    myBLACKHOLE_STATUS="| [1;34mBLACKHOLING MASS SCANNERS: [ [1;30mDISABLED[1;34m ][0m"
+    myBLACKHOLE_STATUS="| [1;34mBLACKHOLE: [ [1;30mDISABLED[1;34m ][0m"
 fi

 mySSHUSER=$(cat /etc/passwd | grep 1000 | cut -d ':' -f1)