BADIP filter

#!/bin/bash
touch /tmp/badipnew.log;touch /tmp/newip.log;


if [ ! -f "/tmp/badip.log" ];then

cat /var/log/secure|grep "authentication failure\|Did not receive identification"|grep -o '[0-9]\+\.[0-9\.]\+'|grep '\.' |sort|uniq > /tmp/badip.log;
for i in `cat /tmp/badip.log`;
do
echo $i;
iptables -t filter -A INPUT -s $i -m state --state NEW -j DROP ;
done;


fi


cat /var/log/secure|grep "authentication failure\|Did not receive identification"|grep -o '[0-9]\+\.[0-9\.]\+'|grep '\.' |sort|uniq > /tmp/badipnew.log;
diff /tmp/badip.log /tmp/badipnew.log |sed '1d'|grep ">"|awk '{print $2}' > /tmp/newip.log

cat /tmp/newip.log >> badip.log;

for i in `cat /tmp/newip.log`;
do
echo $i;
iptables -t filter -A INPUT -s $i -m state --state NEW -j DROP ;
done;
:>/tmp/badipnew.log;
:>/tmp/newip.log

 

posted @ 2016-09-20 03:06  archoncap  阅读(166)  评论(0编辑  收藏  举报