Name

ak-db.sh — Adaptive Kernun 4.7 blacklist control tool

Synopsis

ak-db.sh [-h] [-f db-file] [-v] [table|db] command [parameters]

Description

The ak-db.sh utility provides a user interface to the blacklist database of the Adaptive Kernun 4.7 module (see the ak47(7) manual page).

For the list of tables, see the ak47(7) manual page, or run the script with the -h option.

Options

The script options are as follows:

-f

Use the given filename. By default, the standard filename for the selected table is used.

-h

Print usage and exit.

-v

Be more verbose; also print all SQL commands being executed.

Commands

db create

Creates a new AK47 IDS or IPS database file.

db remove [-y]

Removes an AK47 database.

  • If the -y option is used, the script does not ask for confirmation of the removal.

db list

Prints the list of tables in the given database file.

db find { IP-address | regular-expression }

Finds all occurrences of an IP address or an IP address pattern in all tables of the given database.

table show [-uR] [-tc] [-r] [-n num] [-fF flag]

Displays the content of a database table. By default, the output is sorted by IP address.

The output format for all tables begins with four columns (ADDRESS, FLAGS, COUNT, LAST). For the SSHD table, there is an additional column at the end of the line showing the difference (in seconds) between the LAST occurrence and the occurrence number num given by the -n option.

  • If the -c option is used, the items are sorted by number of occurrences.

  • If the -f option is used, only the items that have the given flag set are printed.

  • If the -F option is used, only the items that have the given flag unset are printed.

  • If the -r option is used, the items are sorted in reverse (descending) order.

  • If the -R option is used, the items are printed in raw format (no formatting).

  • If the -t option is used, the items are sorted by time of last occurrence.

  • If the -u option is used, the times are shown in UTC instead of local time.

table add [flag] IP-address { +time-offset | -time-offset | 0 }...

Warning

SSHD table version...

Adds the given client to the table with any number of recent occurrences set to the current time plus/minus the given offset(s), and the flag set accordingly.

table add [flag] { +time-offset | -time-offset | 0 } IP-address...

Warning

Non-SSHD table version...

Adds the given clients to the table with the last time set to the current time plus/minus the given offset, and the flag set accordingly.

table del IP-address...

Deletes the given clients from the database.

feed

Prepares a new IPS database from the data in the IDS one.

See Also

Kernun: ak47(7)

Authors

This man page is a part of Kernun Firewall.
Copyright © 2000–2020 Trusted Network Solutions, a. s.
All rights reserved.