#include <stdlib.h>
#include <netinet/in.h>
#include <sys/socket.h>
#include <stdio.h>
#include <err.h>
#include <netdb.h>
#include <unistd.h>
#include <syslog.h>
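/*
 * Add the remote peer of the socket on standard input to the pf table
 * "blocked".
 *
 * The peer address of fd 0 is read with getpeername(), formatted as a
 * numeric string, and the process then replaces itself with
 * `/sbin/pfctl -t blocked -T add <address>`.
 * NOTE(review): this looks like a handler started with a connected socket
 * on stdin (inetd-style) -- confirm against the deployment.
 *
 * Exit status: 1 on sandbox, lookup or exec failure; 2 when the peer is
 * not an IPv4 address. On success the process image is replaced, so the
 * status is pfctl's.
 */
int main(void)
{
	/* sockaddr_storage holds any address family; a plain struct sockaddr
	 * is too small for an IPv6 peer and getpeername() would truncate it. */
	struct sockaddr_storage sock;
	socklen_t slen = sizeof(sock);
	char host[128] = "";
	int status;

	/*
	 * Sandbox first, and treat failure as fatal: continuing after a failed
	 * unveil()/pledge() would run the rest of the program unconfined.
	 * Failures go to syslog rather than stderr so that nothing is written
	 * back over the descriptors inherited from the parent.
	 */
	if (unveil("/sbin/pfctl", "rx") == -1) {
		syslog(LOG_DAEMON | LOG_ERR, "unveil: %m");
		exit(1);
	}
	/* NOTE(review): getnameinfo() is called with NI_NUMERICHOST only, so no
	 * resolver lookup is expected; check pledge(2) to see whether "dns"
	 * and "inet" can be dropped from this promise list. */
	if (pledge("exec inet dns stdio", NULL) == -1) {
		syslog(LOG_DAEMON | LOG_ERR, "pledge: %m");
		exit(1);
	}

	if (getpeername(0, (struct sockaddr *)&sock, &slen))
		err(1, "getpeername");

	/* Numeric form only; the service name is not needed, so none is
	 * requested. */
	status = getnameinfo((struct sockaddr *)&sock, slen, host, sizeof host,
	    NULL, 0, NI_NUMERICHOST);
	if (status != 0) {
		/* syslog() takes facility|level; a bare facility means level 0
		 * (LOG_EMERG). */
		syslog(LOG_DAEMON | LOG_ERR, "getnameinfo error: %s",
		    gai_strerror(status));
		exit(1);
	}

	switch (sock.ss_family) {
	case AF_INET:
		syslog(LOG_DAEMON | LOG_NOTICE, "blocking %s", host);
		/*
		 * host is the numeric string produced by getnameinfo() and is
		 * passed as a single argv element, with no shell involved.
		 * execl() is used because the path is absolute: no PATH search
		 * and no /bin/sh fallback. The argument list terminator must be
		 * a null pointer of type char *.
		 */
		execl("/sbin/pfctl", "pfctl", "-t", "blocked", "-T", "add", host,
		    (char *)NULL);
		/* Only reached when the exec failed; do not report success. */
		syslog(LOG_DAEMON | LOG_ERR, "exec /sbin/pfctl: %m");
		exit(1);
	default:
		/* Any other family (IPv6 included) is not handled: log it so the
		 * peer that was not blocked is visible, then fail. */
		syslog(LOG_DAEMON | LOG_WARNING,
		    "unsupported address family %d, not blocking %s",
		    (int)sock.ss_family, host);
		exit(2);
	}
}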