MarkZhangTW/failed.ip.sh

## failed.ip.sh
#sudo lastb -ai | head -n-2 | awk '{print$NF}' | awk '/[0-9]+[.][0-9]+[.][0-9]+[.][0-9]+/{print}' | sort -t. -k1,1n -k2,2n -k3,3n -k4,4n | uniq --count | awk '$1>9{print$2}' > failed.ip.9
sudo lastb -ai | head -n-2 | awk '{print$NF}' | awk '/[0-9]+[.][0-9]+[.][0-9]+[.][0-9]+/{print}' | sort | uniq --count | awk '$1>9{print$2}' > failed.ip.9
for ip in $(cat failed.ip.9); do
  sudo firewall-cmd --permanent --zone=public --add-rich-rule="rule family='ipv4' source address='$ip' reject"
done
sudo firewall-cmd --reload
	#sudo lastb -ai \| head -n-2 \| awk '{print$NF}' \| awk '/[0-9]+[.][0-9]+[.][0-9]+[.][0-9]+/{print}' \| sort -t. -k1,1n -k2,2n -k3,3n -k4,4n \| uniq --count \| awk '$1>9{print$2}' > failed.ip.9
	sudo lastb -ai \| head -n-2 \| awk '{print$NF}' \| awk '/[0-9]+[.][0-9]+[.][0-9]+[.][0-9]+/{print}' \| sort \| uniq --count \| awk '$1>9{print$2}' > failed.ip.9
	for ip in $(cat failed.ip.9); do
	sudo firewall-cmd --permanent --zone=public --add-rich-rule="rule family='ipv4' source address='$ip' reject"
	done
	sudo firewall-cmd --reload