If this is your first visit, be sure to check out the FAQ. You must register before you can post.
IMPORTANT: Your first post will be checked for appropriate content. This may take a bit of time.
Imports System.Text.RegularExpressions
Sub Main(parms As Object)
'============ Change these variables to your needs.
'============ FILE_NAME is holding the location and name of the file to create and read
'============ NoOfDays is holding the number of days to look back in the log, normally a week should do for returning hackers
'============ NumberOfTries is holding the number of tries that should be allowed by you. Use this value wisely, if set to low, your own typo in the password and some extra trying could lock you out!
'============ TaskName is the name of the task to start if new IP's have been found
Dim FILE_NAME As String = "c:\hs3\data\blocklist.txt"
Dim NoOfDays As Integer = 7
Dim NumberOfTries As Integer = 15
Dim TaskName As String = "BlockList"
'======================================================================================
'============ Do not change lines below unless you are sure of what youre doing :-)
'======================================================================================
Dim IpAddresses As New System.Collections.Generic.List(Of String)
Dim NewIPAdresses As New System.Collections.Generic.dictionary(Of String, Integer)
Dim IPAdded As Boolean = False
Dim Logs() As HomeSeerAPI.LogEntry
Dim IP As String
Try
If System.IO.File.Exists(FILE_NAME) = True Then
Dim objReader As New System.IO.StreamReader(FILE_NAME)
Do While objReader.Peek() >= 0
IpAddresses.Add(objReader.ReadLine())
Loop
End If
Logs = hs.GetLog_Date_Text(Now.AddDays(NoOfDays * -1), Now, Nothing, "failed\sfrom:\s\b(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\b", True)
If Logs Is Nothing Then
hs.WriteLog("Hacker Info", "There have been no failed login attempts in the past " & NoOfDays & " Days")
Exit Sub
End If
If Logs.count > 0 Then hs.WriteLog("Hacker Info", "There have been " & Logs.count & " failed login attempts in the past " & NoOfDays & " Days")
If Logs.count = 0 Then Exit Sub
For Each Log As HomeSeerAPI.LogEntry In logs
ip = Regex.Match(log.LogText, "\b(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\b", RegexOptions.Singleline).ToString
If NewIPAdresses.ContainsKey(IP) Then
NewIPAdresses.Item(IP) = NewIPAdresses.Item(IP) + 1
Else
NewIPAdresses.Add(IP, 1)
End If
Next
For Each IP In NewIPAdresses.Keys
If NewIPAdresses.Item(IP) > NumberOfTries Then
If Not IpAddresses.Contains(IP) Then
IpAddresses.Add(IP)
hs.WriteLog("Hacker Info", "IP address " & IP & " is added to the blocklist")
Dim objWriter As New System.IO.StreamWriter(FILE_NAME, True)
objWriter.WriteLine(IP)
objWriter.Close()
IPAdded = True
End If
End If
Next
If ipaddresses.count > 0 Then
hs.WriteLog("Hacker Info", "we have currently " & ipaddresses.count & " IP numbers blocked.")
End If
' Start task schedular task to update firewall rule
If IPAdded Then
hs.launch("schtasks", "/Run /TN " & TaskName, "", 0)
End If
Catch ex As Exception
hs.writelog("Hacker Info", "Error:" & ex.message)
End Try
End Sub
Comment