IP Blocker & Net::IPBlocker

IP Blocker is an incident response tool for network admins that automatically updates IPv4 access control lists (ACL) on Cisco routers and other devices. Web and command line interfaces (CLI) are both supported. Logging, email notification, and automatic expiration of blocks using policy-based TTL values are all supported.

IP Blocker is free software licensed under the GPL, either Version 2 or any later version.


Net::IPBlocker is a collection of Perl modules which provide the foundation for the IP Blocker scripts. This library enables developers to easily add functionality from the IP Blocker toolkit into any Perl script. Example projects that leverage Net::IPBlocker can be found at projects.ipblocker.org.

The Net::IPBlocker library is free software licensed under the same terms as Perl, allowing you to choose between the GPL and Artistic licenses.


How can I use this stuff?

IP Blocker was designed to automate the tedious task of updating Cisco ACLs on border routers. Some users have set up scripts that call IP Blocker on demand to add or remove a blocking statement, while other users have directed their SOC and NOC operators to use the IP Blocker web interface for blocking suspicious IPs that were identified by IDS or other cyber security systems.
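To illustrate the add-a-block, expire-by-policy workflow described above, here is an added example; it is not IP Blocker or Net::IPBlocker code and does not use their API. The policy names, TTL values, protected ranges, the ACL name BLOCKLIST and the choice of a named extended ACL are all assumptions made for the illustration.

```perl
# Added example, not IP Blocker source. Policies, ranges and ACL name are hypothetical.
use strict;
use warnings;

my %POLICY_TTL = (scan => 3600, malware => 86400, default => 900);   # seconds
my @PROTECTED  = (['10.0.0.0', 8], ['192.0.2.1', 32]);               # never block these
my $OCTET      = qr/(0|[1-9]\d{0,2})/;   # no leading zeros (avoids octal ambiguity)

# Strict dotted-quad to 32-bit integer; returns undef when malformed.
sub ip_to_int {
    my ($ip) = @_;
    my @o = ($ip // '') =~ /\A$OCTET\.$OCTET\.$OCTET\.$OCTET\z/ or return;
    return if grep { $_ > 255 } @o;
    return ($o[0] << 24) | ($o[1] << 16) | ($o[2] << 8) | $o[3];
}

# True when the address falls inside a protected range.
sub is_protected {
    my ($n) = @_;
    for my $p (@PROTECTED) {
        my $mask = $p->[1] ? (0xFFFFFFFF << (32 - $p->[1])) & 0xFFFFFFFF : 0;
        return 1 if ($n & $mask) == (ip_to_int($p->[0]) & $mask);
    }
    return 0;
}

# Add or refresh a block; returns its expiry time, dies on bad or protected input.
sub add_block {
    my ($blocks, $ip, $reason, $now) = @_;
    my $n = ip_to_int($ip);
    die "invalid IPv4 address\n" unless defined $n;
    die "protected address, not blocked\n" if is_protected($n);
    return $blocks->{$ip} = $now + ($POLICY_TTL{$reason // 'default'} // $POLICY_TTL{default});
}

# Expire old entries, then render the remaining blocks as Cisco IOS ACL lines.
sub render_acl {
    my ($blocks, $name, $now) = @_;
    delete @{$blocks}{ grep { $blocks->{$_} <= $now } keys %$blocks };
    my @ips = sort { ip_to_int($a) <=> ip_to_int($b) } keys %$blocks;
    # Final permit is required: an IOS ACL ends with an implicit deny.
    return ("ip access-list extended $name", (map " deny ip host $_ any", @ips), " permit ip any any");
}

my %blocks;
my $t0 = 1_000_000;    # constructed clock value (epoch seconds)
add_block(\%blocks, @$_, $t0) for (['203.0.113.7', 'scan'], ['198.51.100.9', 'malware']);
for my $bad ('10.1.2.3', '203.0.113.999', '010.0.0.1') {    # constructed bad inputs
    eval { add_block(\%blocks, $bad, 'scan', $t0); 1 } or print "rejected $bad: $@";
}
print "$_\n" for render_acl(\%blocks, 'BLOCKLIST', $t0 + 7200);   # two hours later
```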

Net::IPBlocker provides a lot of utility to Perl coders who need to remotely control network devices that provide a simple telnet-style CLI. Telnet, ssh, and rsh are all supported. Additionally, Net::IPBlocker provides a simple framework to handle basic Perl application tasks such as logging, web session management, web authentication, etc.

IP Blocker currently supports the following devices for blocking actions:

Net::IPBlocker currently supports the following devices for remote control:

chammer is an exciting example of what can be done with Net::IPBlocker, where a simple Perl script can leverage these modules to automate mass configuration and password changes across all of the Cisco devices in an enterprise network.


Project Status

The full change log is available online.

Active development continues at a slow but steady pace to add additional features. Contributions are welcome. The code is considered stable and production-ready, although it does generate the occasional quirk from unexpected output generated by legacy devices. What did you expect for free? No guarantees are provided.

The ipblocker.org website was established on October 5, 2002 and was online without significant interruption until 2006. The site was offline from May 12, 2006 through July 30, 2007. The site was restored to service on July 31, 2007.


System Requirements

*nix platform with Perl plus the following Perl modules:

  1. DateTime
  2. Date::Manip
  3. Time::Format
  4. Net::Telnet
  5. IO::Pty
  6. Digest::SHA
  7. Crypt::CBC
  8. Crypt::Rijndael
  9. Fcntl (included with most Perl distros)
  10. Carp (included with most Perl distros)

The modules can be easily obtained via CPAN, which will also install additional prerequisites where needed:
 # perl -MCPAN -e shell
 cpan> install DateTime
 cpan> install Date::Manip
 cpan> install Time::Format
 cpan> install Net::Telnet
 cpan> install IO::Pty
 cpan> install Digest::SHA
 cpan> install Crypt::CBC
 cpan> install Crypt::Rijndael

Development platform is Linux with Perl.

IP Blocker is written in Perl and may run almost anywhere. Please let us know if you're successful at running it on platforms other than Linux.


Downloads

ipblocker.2.0.20050808.tar.gz
Net-IPBlocker-2.0.20050808.tar.gz


Contact Information

If you have questions about this software or are interested in supporting the project, please contact us.


Related Perl Modules at CPAN

Net::Telnet::Cisco


License & Legal Information

IP Blocker is licensed under the terms of the GNU General Public License, as published by the Free Software Foundation, either Version 2 of the License, or any later version. This gives you legal permission to copy, distribute and/or modify IP Blocker under certain conditions. Read the 'LICENSE' file in the distribution package or read the online version of the license for more details. IP Blocker is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE WARRANTY OF DESIGN, MERCHANTABILITY, AND FITNESS FOR A PARTICULAR PURPOSE.

Copyright © 2002-2007 Rob Patrick. All information, documentation, software, and other materials on this website are provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE WARRANTY OF DESIGN, MERCHANTABILITY, AND FITNESS FOR A PARTICULAR PURPOSE.

Linux is a registered trademark of Linus Torvalds. Cisco and Cisco IOS are registered trademarks of Cisco Systems, Inc.


This page last modified on Thursday, August 02, 2007