reaction/reaction.yml

---
definitions:
  - &iptablesban iptables -I reaction 1 -s <ip> -j block
  - &iptablesunban iptables -D reaction 1 -s <ip> -j block

patterns:
  ip: '(([0-9]{1,3}\.){3}[0-9]{1,3})|([0-9a-fA-F:]{2,90})'

streams:
  tailDown:
    cmd: [ "tail", "/home/ao/DOWN" ]
    filters:
      findIP:
        regex:
          - found <ip>
        # retry: 1
        retry-period: 1s
        actions:
          damn:
            cmd: [ "echo", "<ip>" ]
          sleepdamn:
            cmd: [ "echo", "sleep", "<ip>" ]
            after: 1s
First configuration read 2023-03-23 21:14:53 +01:00			`---`
			`definitions:`
			`- &iptablesban iptables -I reaction 1 -s <ip> -j block`
			`- &iptablesunban iptables -D reaction 1 -s <ip> -j block`

Close #3 2023-03-24 17:36:41 +01:00			`patterns:`
			`ip: '(([0-9]{1,3}\.){3}[0-9]{1,3})\|([0-9a-fA-F:]{2,90})'`
First configuration read 2023-03-23 21:14:53 +01:00
			`streams:`
Close #1 #4 2023-03-24 00:27:51 +01:00			`tailDown:`
Filters now run in own goroutine. Not run by Streams anymore. 2023-03-25 18:04:44 +01:00			`cmd: [ "tail", "/home/ao/DOWN" ]`
First configuration read 2023-03-23 21:14:53 +01:00			`filters:`
Close #3 2023-03-24 17:36:41 +01:00			`findIP:`
Close #1 #4 2023-03-24 00:27:51 +01:00			`regex:`
Close #3 2023-03-24 17:36:41 +01:00			`- found <ip>`
			`# retry: 1`
Close #1 #4 2023-03-24 00:27:51 +01:00			`retry-period: 1s`
First configuration read 2023-03-23 21:14:53 +01:00			`actions:`
Close #1 #4 2023-03-24 00:27:51 +01:00			`damn:`
Close #3 2023-03-24 17:36:41 +01:00			`cmd: [ "echo", "<ip>" ]`
Close #1 #4 2023-03-24 00:27:51 +01:00			`sleepdamn:`
Close #3 2023-03-24 17:36:41 +01:00			`cmd: [ "echo", "sleep", "<ip>" ]`
			`after: 1s`