#!/usr/bin/python3
#
# Mikrotik Fail2ban script v0.1 #
# #
# by Mauro Fiore #
# blog.openskills.it #
#
import argparse,sys
from tikapy import TikapyClient
from pprint import pprint
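# Command-line interface: every option except -d is mandatory.
# NOTE(review): -p places the API password on the command line, where it is
# normally readable from the process list by other local users and is stored
# in whatever configuration invokes this script. Keep that configuration
# readable only by the account that runs it, and prefer a RouterOS user that
# is restricted to what this script needs.
parser = argparse.ArgumentParser(description="Fail2Ban Mikrotik Script 0.1")
parser.add_argument('-m', help='Mikrotik ip', required=True)
parser.add_argument('-s', help='Mikrotik API port', required=True)
parser.add_argument('-u', help='Mikrotik API User', required=True)
parser.add_argument('-p', help='Mikrotik API Password', required=True)
parser.add_argument('-a', help='Action: ban or unban', required=True)
parser.add_argument('-i', help='Ip address', required=True)
parser.add_argument('-l', help='address List', required=True)
parser.add_argument('-d', help='dinamic timeout', required=False)
args = parser.parse_args()

# Reject an unknown action before any session is opened, so a mistyped -a
# never causes the credentials to be sent to the router. The exit status for
# this case stays 1, as before.
if args.a not in ("ban", "unban"):
    sys.exit(1)

# NOTE(review): TikapyClient looks like tikapy's plain-TCP client; if so, the
# login and every command cross the network unprotected. tikapy also ships
# TikapySslClient for the api-ssl service -- confirm which one the deployment
# should use.
client = TikapyClient(args.m, int(args.s))
client.login(args.u, args.p)

if args.a == "ban":
    # Attribute words for the entry to create: target list and address.
    addresslist = "=list=" + args.l
    ip = "=address=" + args.i
    if args.d:
        # NOTE(review): unlike the other attribute words this one has no
        # leading "="; it is sent exactly as the original script sent it --
        # confirm the router accepts or ignores it.
        dynamic = "dynamic=yes"
        timeout = "=timeout=" + args.d
        client.talk(['/ip/firewall/address-list/add', addresslist, ip, dynamic, timeout])
    else:
        client.talk(['/ip/firewall/address-list/add', addresslist, ip])
    sys.exit(0)
else:
    # Unban: look up the entries matching both the address and the list name,
    # then remove each of them by its .id.
    addresslist = "?=list=" + args.l
    ip = "?=address=" + args.i
    dic = client.talk(['/ip/firewall/address-list/print', ip, addresslist])
    if not dic:
        # Nothing matched: report failure, as the original did.
        sys.exit(1)

    missing_id = False
    for key in dic:
        nid = dic[key].get(".id")
        if nid is None:
            # An entry without .id used to abort the run with a TypeError on
            # the concatenation below, leaving later matches in place. Keep
            # going and report the failure through the exit status instead.
            missing_id = True
            continue
        client.talk(['/ip/firewall/address-list/remove', "=.id=" + nid])
    sys.exit(1 if missing_id else 0)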