-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathcheck-abuseipdb.sh
48 lines (39 loc) · 1.19 KB
/
check-abuseipdb.sh
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
#!/bin/bash
# Define your AbuseIPDB API key and Discord webhook URL
API_KEY="YOUR-API-KEY"
DISCORD_WEBHOOK_URL="YOUR DISCORD-WEBHOOK-URL"
# Function to check IP and send Discord notification if blacklisted
check_ip() {
local ip=$1
response=$(curl -s -G https://api.abuseipdb.com/api/v2/check \
--data-urlencode "ipAddress=$ip" \
-d maxAgeInDays=90 \
-d verbose \
-H "Key: $API_KEY" \
-H "Accept: application/json")
abuse_confidence_score=$(echo $response | jq '.data.abuseConfidenceScore')
if [ "$abuse_confidence_score" -gt 0 ]; then
send_discord_notification "$ip"
echo "$ip: blacklisted"
else
echo "$ip: clean"
fi
}
# Function to send Discord notification
send_discord_notification() {
local ip=$1
curl -H "Content-Type: application/json" -X POST -d "{\"content\": \"Warning: IP $ip blacklisted in AbuseIPDB\"}" $DISCORD_WEBHOOK_URL
}
# Get the external IP address
external_ip=$(curl -s http://whatismyip.akamai.com/)
# Array of IPs to check
ips=(
"IP1"
"IP2"
"IP3"
"$external_ip" # if run e.g. on homeserver checks public ip of server this script is running on
)
# Loop through the array and check each IP
for ip in "${ips[@]}"; do
check_ip $ip
done