Added IP to logging for helping mitigate Shortcuts

2019-04-27 15:09:14 +02:00 · 2019-04-27 15:09:14 +02:00 · 10738aa721
commit 10738aa721
parent 009639b6a2
2 changed files with 3 additions and 2 deletions
--- a/roles/fastd/files/blacklist.sh
+++ b/roles/fastd/files/blacklist.sh
@ -1,7 +1,8 @@
 #!/bin/bash
 PEER_KEY=$1
 PEER_ADDRESS=$2
-if /bin/grep -Fq $PEER_KEY /opt/ffrgb_cty/vpn-blacklist/blacklist.json; then
+BLACKLIST=$3
+if /bin/grep -Fq $PEER_KEY $BLACKLIST; then
    echo "BANNED KEY: $PEER_KEY $PEER_ADDRESS"
    exit 1
 else
--- a/roles/fastd/templates/fastd.conf.j2
+++ b/roles/fastd/templates/fastd.conf.j2
@ -38,7 +38,7 @@ on down "
 ";

 {% if fastd_anonymous %}
-on verify "/etc/fastd/{{ site_code }}/blacklist.sh $PEER_KEY $PEER_ADDRESS /opt/{{ site_code }}/vpn-blacklist/blacklist.json";
+on verify "/etc/fastd/{{ site_code }}/blacklist.sh $PEER_KEY $PEER_ADDRESS /etc/fastd/{{ site_code }}/vpn-blacklist/blacklist.json";
 {% endif %}

 include peers from "peers";