Cover V09, I13
Listing 4: ipblock shell program for PortSentry and IP Filter

#!/bin/sh
#
# $Id$
#
# $Source$
#
# $Log$
#
# ipblock - wrapper around ipf to permit portsentry to work with it.
#           Unfortunately (or fortunately), since ipf only adds rules to
#           the /END/ of a list, someone could still get in by way of an
#           earlier rule using the quick keyword.  The idea here is to set
#           up a simple rule by writing that rule to a temporary file,
#           concatenating the current ruleset to that file, flushing the
#           input filter and then reloading it.  Definitely not an atomic
#           operation, but it should get the job done.
#
# Invoked from portsentry's KILL_ROUTE with the offending address as the
# single argument, e.g. "/usr/local/bin/ipblock $TARGET$".
#

if [ $# -ne 1 ] || [ -z "$1" ]; then
    echo "usage: $0 target-address" >&2
    exit 2
fi

TARGET=$1
IPFCFDIR=/etc/opt/ipf
IFACE=le0

#
# this runs as root, so a predictable file name under /tmp is a symlink
# target for any local user; use mktemp where it exists and fall back to
# the PID-based name otherwise
#
TMPRULES=`mktemp /tmp/ipfrule.XXXXXX 2>/dev/null` || TMPRULES=/tmp/ipfrule.$$
trap 'rm -f "$TMPRULES"' 0

#
# put in the rule we want to insert into the beginning of the file
#
echo "block in log quick on $IFACE from $TARGET to any" > "$TMPRULES"

#
# now concatenate the current (inbound) rules to the file
#
/sbin/ipfstat -i >> "$TMPRULES" || exit 1

#
# the next step flushes the current ipf rules (drops the firewall for a split
# second) and then reloads it.  If the reload fails the inbound filter would
# be left empty, so restore the saved configuration rather than fail open.
#
/sbin/ipf -F i
/sbin/ipf -f "$TMPRULES" || {
    echo "$0: reload of $TMPRULES failed, restoring $IPFCFDIR/ipf.conf" >&2
    /sbin/ipf -F i
    /sbin/ipf -f "$IPFCFDIR/ipf.conf"
    exit 1
}

#
# save the new ruleset so the block survives the next reload of ipf
#
cp "$IPFCFDIR/ipf.conf" "$IPFCFDIR/ipf.conf.old"
cp "$TMPRULES" "$IPFCFDIR/ipf.conf"
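The header comment above admits that the flush-then-reload sequence is not atomic: for a moment the inbound filter is empty, and if the reload fails it stays empty. IP Filter keeps two rule lists, an active and an inactive one, and `ipf -I` directs a load or flush at the inactive list while `ipf -s` swaps the two in a single operation. The following script is an added example written for this page, not part of the original listing or of PortSentry/IP Filter; it uses that mechanism so that the active filter is never empty, and it also refuses a `$TARGET$` that is not a dotted-quad address before it can become part of a rule. The function names (`valid_ipv4`, `build_ruleset`, `apply_ruleset`), the `IFACE`/`IPF`/`IPFSTAT` variables and the use of mktemp(1) are assumptions of this example; the ipf switches `-I`, `-F`, `-f` and `-s` are the real ones.

```shell
#!/bin/sh
# ipblock-swap (added example, not from the original article): insert a
# portsentry block rule without the flush/reload gap by loading the new
# ruleset into ipf's inactive list and swapping it in.  The names
# IFACE, IPF, IPFSTAT, valid_ipv4, build_ruleset and apply_ruleset are ours.

IPF=${IPF:-/sbin/ipf}
IPFSTAT=${IPFSTAT:-/sbin/ipfstat}
IPFCFDIR=${IPFCFDIR:-/etc/opt/ipf}
IFACE=${IFACE:-le0}

# valid_ipv4 ADDR: succeed only for a dotted quad with octets 0-255, so a
# malformed or hostile $TARGET$ can never be spliced into a rule.
valid_ipv4() {
    case "$1" in
        ''|*[!0-9.]*|.*|*.|*..*) return 1 ;;
    esac
    set -- `echo "$1" | tr '.' ' '`
    [ $# -eq 4 ] || return 1
    for octet in "$@"; do
        [ "$octet" -le 255 ] || return 1
    done
    return 0
}

# build_ruleset TARGET CURRENT OUT: write the quick block rule for TARGET
# first, then the rules read from CURRENT, into OUT.  Because the block
# comes first and is 'quick', no later pass rule can let TARGET through.
build_ruleset() {
    target=$1 current=$2 out=$3
    valid_ipv4 "$target" || {
        echo "ipblock: refusing bad target '$target'" >&2
        return 1
    }
    {
        echo "block in log quick on $IFACE from $target to any"
        cat "$current"
    } > "$out"
}

# apply_ruleset FILE: clear the inactive list, load FILE into it, then swap
# the lists.  The swap is one ioctl, so the active filter is never empty,
# and the previous rules remain in the inactive list for an 'ipf -s' rollback.
apply_ruleset() {
    "$IPF" -I -Fa || return 1
    "$IPF" -I -f "$1" || return 1
    "$IPF" -s
}

main() {
    [ $# -eq 1 ] || { echo "usage: $0 target-address" >&2; exit 2; }
    cur=`mktemp /tmp/ipfcur.XXXXXX` || exit 1
    new=`mktemp /tmp/ipfnew.XXXXXX` || exit 1
    trap 'rm -f "$cur" "$new"' 0
    "$IPFSTAT" -i > "$cur" || exit 1
    build_ruleset "$1" "$cur" "$new" || exit 1
    apply_ruleset "$new" || exit 1
    # keep the on-disk config in step so the block survives a reboot
    cp "$IPFCFDIR/ipf.conf" "$IPFCFDIR/ipf.conf.old" &&
        cp "$new" "$IPFCFDIR/ipf.conf"
}

# portsentry runs this as "ipblock $TARGET$"; with no argument the
# functions are only defined, which is what a test harness wants.
[ $# -gt 0 ] && main "$@"
```

If a freshly swapped-in ruleset turns out to be wrong, a second `ipf -s` puts the previous list back, which is a cheaper recovery than re-reading ipf.conf with the filter down. The address check is deliberately strict: PortSentry normally hands over a plain IPv4 address, and anything else is more likely a bug or an attempt to smuggle text into the rule file than a legitimate target.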