GitHub HUBOT handler to run arbitrary bash/shell commands and a specific handler for IPTABLES
First, RTFM
Then install hubot-script-shellcmd
Now you can use the run script simply by putting it in hubot_dir/bash/handlers and using it like this:
shellcmd run date
To use the ban script you need to add an IPTABLES chain named "DOOMED":
iptables -N DOOMED
Then put the script in hubot_dir/bash/handlers, and you can tell HUBOT to "ban" a CIDR:
shellcmd ban 85.21.47.65/32
or to show and save the IPTABLES rules to /etc/firewall.conf:
shellcmd ban save
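Since the CIDR comes straight from chat, it should be validated before it reaches iptables. The handler below is an added example, not the project's ban script: it assumes the argument arrives as $1 and that banned sources are jumped to DOOMED from INPUT, BAN_MIN_PREFIX and IPTABLES are hypothetical settings, and it covers only the CIDR path, not "ban save".

```shell
#!/bin/sh
# Added example: hypothetical hardened "ban" handler (not the project's script).
# Assumptions: the chat argument arrives as $1, and banned sources are sent to
# the DOOMED chain from INPUT. BAN_MIN_PREFIX and IPTABLES are illustrative knobs.

BAN_MIN_PREFIX=${BAN_MIN_PREFIX:-8}   # refuse bans wider than /8 (typo guard)

# ban_target_ok ADDR/PREFIX: succeed only for a strict dotted-quad IPv4 CIDR.
ban_target_ok() {
    arg=$1
    case $arg in
        ''|*[!0-9./]*) return 1 ;;   # digits, dots, slash only: no metacharacters or options
        */*/*) return 1 ;;           # more than one slash
        */*) ;;                      # exactly one slash: continue
        *) return 1 ;;               # no prefix length given
    esac
    addr=${arg%/*}
    prefix=${arg#*/}
    case $prefix in ''|*.*|0?*|???*) return 1 ;; esac
    [ "$prefix" -le 32 ] && [ "$prefix" -ge "$BAN_MIN_PREFIX" ] || return 1
    case $addr in ''|.*|*.|*..*) return 1 ;; esac
    rest=$addr
    count=0
    while [ -n "$rest" ]; do
        octet=${rest%%.*}
        case $octet in 0?*|????*) return 1 ;; esac   # no leading zeros, max 3 digits
        [ "$octet" -le 255 ] || return 1
        count=$((count + 1))
        case $rest in *.*) rest=${rest#*.} ;; *) rest= ;; esac
    done
    [ "$count" -eq 4 ]
}

# ban CIDR: validate, then insert the rule; the argument is always quoted.
ban() {
    if ! ban_target_ok "$1"; then
        echo "ban: refusing '$1': not an IPv4 CIDR between /$BAN_MIN_PREFIX and /32" >&2
        return 2
    fi
    "${IPTABLES:-iptables}" -I INPUT -s "$1" -j DOOMED
}

# Run as a handler only when an argument was passed.
if [ "$#" -gt 0 ]; then
    ban "$1"
fi
```

Setting IPTABLES to a stub command lets you check what the handler would run without touching the live ruleset.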
In our case we add some rules to the DOOMED chain; you can do the same if you want "log & drop" functionality:
iptables -A DOOMED -j LOG --log-prefix "DOOMED:" --log-level 4
iptables -A DOOMED -j DROP
This way packets are logged and then dropped.
To capture the packets logged this way, we add an /etc/rsyslog.d/iptables-doomed.conf file with this content:
:msg, contains, "DOOMED:" /var/log/iptables-doomed.log
& ~
and then restart rsyslog:
/etc/init.d/rsyslog restart
After that you can watch the log of DOOMED packets with:
tail -f /var/log/iptables-doomed.log