NAME
mcblockc — Client of mcblockd
SYNOPSIS
mcblockc [-h mcblockd_host] search ipv4addr
mcblockc [-h mcblockd_host] getactive tableName
mcblockc [-h mcblockd_host] loghit tableName ipv4addr
mcblockc [-h mcblockd_host] activate tableName prefix(es)
mcblockc [-h mcblockd_host] deactivate tableName prefix(es)
mcblockc [-h mcblockd_host] get tableName ipv4addr
mcblockc [-h mcblockd_host] edit tableName ipv4addr
mcblockc [-h mcblockd_host] getaddrrules tableName
DESCRIPTION
mcblockc is a simple client of mcblockd(8). It allows the user to view the contents of the tables in mcblockd(8) as well as add or remove entries from the tables.
The following command line options are available:
-h mcblockd_host
    Specify the mcblockd(8) host to be queried.
Note that the data exchanged with mcblockd(8) is encrypted with AES-128. Authentication uses RSA with 2048-bit keys, and ECDH is used for the initial key exchange.
search ipv4addr
Returns the prefixes from the mcblockd(8) tables that cover the given ipv4addr. Example:
% mcblockc search 218.64.1.1
mail_losers:
218.64/11 128d CN (China)
ssh_losers:
218.64/11 115d CN (China)
www_losers:
218.64/11 83d CN (China)
The column after the prefix is the number of days remaining before the prefix is deactivated by mcblockd(8). After the days remaining, the country code and country name are shown.
getactive tableName
Returns all of the prefixes in the given tableName, and also a summary of addresses per country for the table. Example:
% mcblockc getactive ssh_losers
ssh_losers:
1.9/16 154d MY (Malaysia)
1.20/16 177d TH (Thailand)
1.32.0/17 155d MY (Malaysia)
1.36/16 175d HK (Hong Kong)
1.48/14 152d CN (China)
1.56/13 127d CN (China)
1.160/12 122d TW (Taiwan)
1.180/14 152d CN (China)
1.208/12 162d KR (Korea)
1.224/11 145d KR (Korea)
2.60/14 122d RU (Russian Federation)
2.92/14 127d RU (Russian Federation)
2.176/12 117d IR (Iran, Islamic Republic of)
....
Addresses covered per country:
CN 194,816,128
/10 networks: 10 (41,943,040 addresses)
/11 networks: 25 (52,428,800 addresses)
/12 networks: 53 (55,574,528 addresses)
/13 networks: 52 (27,262,976 addresses)
/14 networks: 46 (12,058,624 addresses)
....
BR 47,344,640
/10 networks: 8 (33,554,432 addresses)
/11 networks: 4 (8,388,608 addresses)
/12 networks: 4 (4,194,304 addresses)
/13 networks: 5 (2,621,440 addresses)
/14 networks: 4 (1,048,576 addresses)
....
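The search and getactive listings share one line format (prefix, days remaining, country code, country name), so a single filter can report which blocks are about to lapse. The following is an added example, not part of mcblockc or the original page; the function names and the 120-day threshold are hypothetical, the sample lines are constructed from the two examples above, and it assumes abbreviated prefixes such as 218.64/11 omit trailing zero octets.

```shell
#!/bin/sh
# Added example, not part of mcblockc. Reads `mcblockc search` or
# `mcblockc getactive` output on stdin and prints
# "table cidr days country" for prefixes with fewer than LIMIT days left.
expiring_prefixes() {
    awk -v limit="$1" '
        # Assumption: abbreviated prefixes omit trailing zero octets.
        function full_cidr(p,    parts, o, n, i, addr) {
            split(p, parts, "/")
            n = split(parts[1], o, ".")
            addr = o[1]
            for (i = 2; i <= 4; i++) addr = addr "." (i <= n ? o[i] : 0)
            return addr "/" parts[2]
        }
        # A lone word ending in ":" starts a new table section.
        NF == 1 && /:$/ { table = substr($1, 1, length($1) - 1); next }
        # Prefix lines: prefix, days remaining ("128d"), country code, name.
        NF >= 3 && $2 ~ /^[0-9]+d$/ {
            days = $2 + 0
            if (days < limit) print table, full_cidr($1), days, $3
        }
        # Everything else (the "...." marker, per-country totals) is skipped.
    '
}

# Constructed sample: lines copied from the search and getactive examples.
sample_output() {
    cat <<'EOF'
mail_losers:
218.64/11 128d CN (China)
ssh_losers:
218.64/11 115d CN (China)
www_losers:
218.64/11 83d CN (China)
ssh_losers:
1.32.0/17 155d MY (Malaysia)
2.176/12 117d IR (Iran, Islamic Republic of)
....
Addresses covered per country:
CN 194,816,128
/10 networks: 10 (41,943,040 addresses)
EOF
}

sample_output | expiring_prefixes 120
```

Against a live daemon the same filter can be fed directly, for example from `mcblockc getactive ssh_losers`.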
loghit tableName ipv4addr
Simulates a log hit for the given ipv4addr in the given table tableName. This simulates the actions taken when mcblocklog(1) sends a loghit to mcblockd(8). Policy from mcblockd.conf(5) is applied. Example:
% mcblockc loghit ssh_losers 31.192.120.36
{
"added" : "31.192.112/20",
"requested" : "31.192.120.36"
}
Note that the response is formatted as simple JSON.
activate tableName prefix(es)
Activates the given prefix(es) in the given table tableName. This is intended as an emergency type of operation (perhaps an ongoing attack), and does not apply policy nor attempt country code lookup (the prefix(es) might span multiple countries). Example:
% mcblockc activate ssh_losers 31.192.112/20
{
"prefixes" : [
{
"added" : "31.192.112/20",
"requested" : "31.192.112/20"
}
],
"table" : "ssh_losers"
}
Note that the response is formatted as simple JSON.
deactivate tableName prefix(es)
Deactivates the given prefix(es) in the given table tableName. Example:
% mcblockc deactivate ssh_losers 31.192.112/20
{
"prefixes" : [
{
"deactivated" : "31.192.112/20"
}
],
"table" : "ssh_losers"
}
Note that the response is formatted as simple JSON.
get tableName ipv4addr
Gets the matching entry for ipv4addr from the given table tableName and shows the result in JSON form. Example:
% mcblockc get www_losers 178.32.209.26
{
"countryCode" : "FR",
"daysRemaining" : 179,
"prefix" : "178.32/15",
"table" : "www_losers"
}
edit tableName ipv4addr
Allows editing of the country code and days remaining for the prefix containing ipv4addr in the given table tableName and shows the result in JSON form. You will be prompted for the country code and daysRemaining, with the current value in []. If you hit enter for a value, the current value will be kept. Example:
% mcblockc edit www_losers 178.32.209.26
Editing prefix 178.32/15 in table www_losers
countryCode [FR]:
daysRemaining [179]: 200
{
"countryCode" : "FR",
"daysRemaining" : 200,
"edited" : true,
"prefix" : "178.32/15",
"table" : "www_losers"
}
getaddrrules tableName
NOT IMPLEMENTED
ENVIRONMENT
If the MCBLOCKDHOST environment variable is set, it will be used as the default mcblockd(8) host when the -h mcblockd_host command line option is not used.
FILES
${HOME}/.dwmauth/id_rsa
    The user's dwmauth private key file, created with dwmauth(1). This file should be owned by the user and have permissions 0600. It must contain the private part of a 2048-bit RSA key pair.
${HOME}/.dwmauth/id_rsa.pub
    The user's dwmauth public key file, created with dwmauth(1). This file should be owned by the user and have permissions 0600. It must contain the public part of a 2048-bit RSA key pair.
${HOME}/.dwmauth/known_services
    The user's dwmauth known services file. This file must contain the public key of mcblockd(8) from the mcblockd(8) host being queried.
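The ownership and permission requirements above can be checked before running mcblockc. The following is an added example, not part of mcblockc or dwmauth; the function names and the report labels (MISSING, OWNER, MODE, EMPTY_OR_MISSING) are hypothetical, and it checks only what this page states, not the key format or key size.

```shell
#!/bin/sh
# Added example, not part of mcblockc or dwmauth: audit the files listed
# under FILES. Prints one line per problem; returns 0 if none, 1 otherwise.

# Print "mode uid" for a file: GNU stat syntax first, then BSD stat syntax.
mode_and_owner() {
    stat -c '%a %u' "$1" 2>/dev/null || stat -f '%Lp %u' "$1" 2>/dev/null
}

audit_dwmauth() {
    dir="${1:-$HOME/.dwmauth}"   # directory to audit, default per FILES
    me=$(id -u)
    rc=0
    for f in id_rsa id_rsa.pub; do
        path="$dir/$f"
        if [ ! -f "$path" ]; then
            echo "MISSING $path"; rc=1; continue
        fi
        # Split "mode uid" into $1 and $2.
        set -- $(mode_and_owner "$path")
        # The page asks for ownership by the user and permissions 0600.
        [ "$2" = "$me" ] || { echo "OWNER $path uid=$2 expected=$me"; rc=1; }
        [ "$1" = "600" ] || { echo "MODE $path is $1 expected 600"; rc=1; }
    done
    # known_services must hold the mcblockd public key, so an empty or
    # absent file cannot be right.
    ks="$dir/known_services"
    [ -s "$ks" ] || { echo "EMPTY_OR_MISSING $ks"; rc=1; }
    return $rc
}
```

Call `audit_dwmauth` with no argument to check ${HOME}/.dwmauth, or pass another directory as the first argument.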
SEE ALSO
mcblockd(8), mcblocklog(1), dwmauth(1)
COPYRIGHT
Copyright (c) 2017 Daniel W. McRobb
dwm@mcplex.net