#!/bin/sh
# Abort on the first command that fails outside a condition or ||/&& list.
set -o errexit
# Resolve a jail's filesystem path and choose how pfctl is invoked inside it.
#
# Globals:   jpath (written), J_LD_LIBRARY_PATH (written), pfctl (written)
# Arguments: $1 - jail name, looked up with `jls -j <jail> path`
# Outputs:   diagnostics on stderr
# Returns:   0 when the jail resolves and <path>/dev/pf is a character
#            device, 1 otherwise (the two command globals are left untouched)
startup() {
  local jail="$1"

  # jls is only consulted when a name was given; its stderr is discarded.
  if ! { [ -n "${jail}" ] && jpath=$(jls -j "${jail}" path 2>/dev/null); }; then
    echo "Jail not specified or not running" 1>&2
    return 1
  fi

  # This only confirms that a character device node named pf exists under the
  # jail's dev directory; it does not check what the node is backed by.
  [ -c "${jpath}/dev/pf" ] || {
    echo "No /dev/pf in ${jpath}!" 1>&2
    return 1
  }

  # Paths ending in /root use the standard binary locations; every other path
  # goes through the loader and libraries under /root.
  # NOTE(review): presumably the second layout keeps its userland under /root
  # inside the jail - confirm against the jail manager in use.
  case "${jpath}" in
    */root)
      J_LD_LIBRARY_PATH='/lib'
      pfctl='/sbin/pfctl'
      ;;
    *)
      J_LD_LIBRARY_PATH='/root/lib'
      pfctl='/root/libexec/ld-elf.so.1 /root/sbin/pfctl'
      ;;
  esac
}
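# Run `pfctl -T expire` against one pf table from inside a jail.
#
# Globals:   J_LD_LIBRARY_PATH (read), pfctl (read) - both set by startup()
# Arguments: $1 - jail handed to jexec
#            $2 - pf table name
#            $3 - age in seconds passed to `pfctl -T expire`
# Outputs:   diagnostics on stderr
# Returns:   1 when pfctl is unset or empty, otherwise jexec's exit status
jail_expire_table() {
  local jail="$1"
  local table="$2"
  local expiry="$3"

  # Without a pfctl command the word after the jail name would be "-T", so
  # jexec would be asked to run "-T" inside the jail. Fail here instead.
  if [ -z "${pfctl:-}" ]; then
    echo "pfctl command not set; call startup for ${jail} first" 1>&2
    return 1
  fi

  # $pfctl is left unquoted on purpose: it may hold "loader binary" as two
  # words. The command runs inside the jail, using the jail's own pfctl.
  # shellcheck disable=SC2086
  LD_LIBRARY_PATH="${J_LD_LIBRARY_PATH:-}" jexec "${jail}" $pfctl -T expire "$expiry" -t "$table"
}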
echo "$(date) - Starting up"

# Walk every jail name printed by `jls name`. The unquoted substitution relies
# on word splitting to separate the names.
for jname in $(jls name); do
  echo "Running for ${jname}.." 1>&2

  # startup fails for jails that do not resolve or have no /dev/pf; skip those.
  if ! startup "${jname}"; then
    echo "Skipping ${jname}.." 1>&2
    continue
  fi

  # Expire "badhosts" entries using an age of 300.
  # NOTE(review): the script runs under `set -e`, so a failure here ends the
  # whole run and the remaining jails are not processed - confirm that this
  # is intended.
  jail_expire_table "${jname}" "badhosts" 300
done