tcpblock automates blocking clients who connect too often to
tcpserver controlled services and builds a tcp.smtp style deny file
to temporarily block them.

Usage:
tcpblock -d /path/to/multilog/dir

Options:
  -d path to your tcpservers multilog directory
  -c X where X is the maximum number of allowed connections
  -t Y where Y is the time period to check in minutes
  -e optional list of ip's to exempt from blocking
  -D enable debug output

Defaults: 
  checking time period: 30 minutes
  maximum connections allowed per period: 20
  debugging off
  no exception file

Files: 
  tcpblock.c : the C source code

  build_tcpblocks.sh : example script to run from cron
   you will probably need to modify this script to change
   the locations of your tcp.smtp file

  cron.tcpblock : example crontab entry to run the
   build_tcpblocks.sh script
 
Installation:
1) Compile
   make tcpblock
   This will compile the tcpblock program

2) Install:
   make install
   This will copy the tcpblock program to /usr/local/bin

3) Customize build_tcpblocks.sh script for your system
   edit the build_tcpblocks.sh script to set where your
   tcp.smtp files live and the options to tcpblock 

   copy build_tcpblocks.sh to /usr/local/bin or wherever
   you want it to be on your system.

4) create exception file
   Get a list of all the IP addresses in your domain
   that you wish to exempt from checking. The format
   is similar to tcp.smtp files. One IP address per
   line. You can enable whole A, B or C classes like so:
   10.      entire 10.* A class
   192.168. entire 192.168 B class 
   X.Y.Z.   entire X.Y.Z C class 

   The exception_file in the source directory shows an
   example of allowing 127. and 192.168. A and B classes.
  

5) Put into production with crontab entry
   add the cron.tcpblock example to your cron system
   modify how often you want it to run to match your
   systems needs and the options used in your build_tcpblocks.sh script.


Integrating with other tcp.smtp programs like vpopmail's clearopensmtp
----------------------------------------------------------------------
Some other programs like vpopmail's clearopensmtp program can be used
with tcpblock. In these cases we recommend putting your static IP
addresses into a file named tcp.smtp.static and writing your tcpblock
file to tcp.smtp.block.

Then modify your build_tcpblock.sh script like so:
#!/bin/sh
# this line builds your tcp.smtp.block file
/usr/local/bin/tcpblock -d /var/log/smtp \
 -e /home/vpopmail/etc/exception_file -c20 -t30 > \
 /home/vpopmail/etc/tcp.smtp.block

# this line combines the tcp.smtp.block file with your static list 
# of tcp.smtp ips into the standard tcp.smtp file
cat /home/vpopmail/etc/tcp.smtp.block /home/vpopmail/etc/tcp.smtp.static > \
 /home/vpopmail/etc/tcp.smtp

# vpopmail's clearopensmtp program reads an open-smtp file 
# and combines it with tcp.smtp. Then builds the final tcp.smtp.cdb file
/var/lib/vpopmail/bin/clearopensmtp