-
Notifications
You must be signed in to change notification settings - Fork 7
/
wwwsas-crontab.example
48 lines (38 loc) · 2.68 KB
/
wwwsas-crontab.example
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
# From: /etc/crontab: system-wide crontab
# Unlike any other crontab you don't have to run the `crontab'
# command to install the new version when you edit this file
# and files in /etc/cron.d. These files also have username fields,
# that none of the other crontabs do.
SHELL=/bin/sh
PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin
MAILTO=root
# Example of job definition:
# .---------------- minute (0 - 59)
# | .------------- hour (0 - 23)
# | | .---------- day of month (1 - 31)
# | | | .------- month (1 - 12) OR jan,feb,mar,apr ...
# | | | | .---- day of week (0 - 6) (Sunday=0 or 7) OR sun,mon,tue,wed,thu,fri,sat
# | | | | |
# * * * * * user-name command to be executed
# m h dom mon dow user-name command
# @reboot user-name command
# Open the custom SSH port
# @reboot root sleep 15 && /usr/sbin/iptables -w -A IN_public_allow -p tcp -m tcp --dport 10181 -m conntrack --ctstate NEW,UNTRACKED -j ACCEPT
# Save the default state of iptables and ipset
@reboot root sleep 20 && "/etc/wwwsas/firewall/ipset-default-save.sh" >"/etc/wwwsas/tmp/ipset-default-save.cron.log" 2>&1
@reboot root sleep 25 && "/etc/wwwsas/firewall/iptables-default-save.sh" >"/etc/wwwsas/tmp/iptables-default-save.cron.log" 2>&1
# @reboot root sleep 30 && "/etc/wwwsas/firewall/firewall.superhosting-mod.sh" >"/etc/wwwsas/tmp/firewall.superhosting-mod.cron.log" 2>&1
# Restore the last state of iptables and ipset (workaround approach when ifup/ifdown are not available)
@reboot root sleep 35 && "/etc/wwwsas/firewall/ipset-restore.sh" >"/etc/wwwsas/tmp/ipset-restore.cron.log" 2>&1
@reboot root sleep 40 && "/etc/wwwsas/firewall/iptables-restore.sh" >"/etc/wwwsas/tmp/iptables-restore.cron.log" 2>&1
# Auto restore the defaults each 30 minutes during the SETUP preocess > disable these rules when you are ready
*/30 * * * * root "/etc/wwwsas/firewall/ipset-default-restore.sh" >"/etc/wwwsas/tmp/ipset-default-restore.cron.log" 2>&1
*/30 * * * * root "/etc/wwwsas/firewall/iptables-default-restore.sh" >"/etc/wwwsas/tmp/iptables-default-restore.cron.log" 2>&1
# Flush iptables WWWSAS chain each week
0 3 * * 7 root "/etc/wwwsas/firewall/iptables-flush-wwwsas.sh" >"/etc/wwwsas/tmp/iptables-flush-wwwsas.cron.log" 2>&1
# Flood detector: execute flood-detector.sh each minute
* * * * * root "/etc/wwwsas/modules/flood-detector.sh" 'AutoMode' >> "/etc/wwwsas/tmp/execution.log" 2>&1
# Log analyse: execute post-analyse.sh each hour
15 * * * * root "/etc/wwwsas/modules/post-analyse.sh" 'AutoMode' >> "/etc/wwwsas/tmp/execution.log" 2>&1
# GeoLite2 Data base Update: execute geoip-update.sh two times per week
0 2 * * 3,6 root "/etc/wwwsas/modules/geoip-update.sh" >> "/etc/wwwsas/tmp/geoip-update.cron.log" 2>&1