BADIP filter

时间:2022-04-29 06:01:17
#!/bin/bash
touch /tmp/badipnew.log;touch /tmp/newip.log; if [ ! -f "/tmp/badip.log" ];then cat /var/log/secure|grep "authentication failure\|Did not receive identification"|grep -o '[0-9]\+\.[0-9\.]\+'|grep '\.' |sort|uniq > /tmp/badip.log;
for i in `cat /tmp/badip.log`;
do
echo $i;
iptables -t filter -A INPUT -s $i -m state --state NEW -j DROP ;
done; fi cat /var/log/secure|grep "authentication failure\|Did not receive identification"|grep -o '[0-9]\+\.[0-9\.]\+'|grep '\.' |sort|uniq > /tmp/badipnew.log;
diff /tmp/badip.log /tmp/badipnew.log |sed '1d'|grep ">"|awk '{print $2}' > /tmp/newip.log cat /tmp/newip.log >> badip.log; for i in `cat /tmp/newip.log`;
do
echo $i;
iptables -t filter -A INPUT -s $i -m state --state NEW -j DROP ;
done;
:>/tmp/badipnew.log;
:>/tmp/newip.log