Created
March 3, 2020 09:15
-
-
Save rojenzaman/a4120677e62ee2de8d3a5ad5bac1bc73 to your computer and use it in GitHub Desktop.
fail2ban'da 5 defadan fazla banlanan ip adresi olursa onu /etc/hosts.deny dosyasına ekleyecek bir script
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/bin/bash | |
#Written by @keraattin | |
CURRENT_DATE=$(date +"%Y-%m-%d") | |
CREATE_TODAY_FILE=$(touch /tmp/today_banned.txt) | |
TODAY_BANNED=$(cat /var/log/fail2ban.log | grep $CURRENT_DATE | grep Ban | gawk '{print $8}' >> /tmp/today_banned.txt) | |
COUNT=$(sort /tmp/today_banned.txt | uniq -c) | |
printf "$COUNT\n" | |
sort /tmp/today_banned.txt | uniq -c | awk -v limit=5 '$1 > limit{print $2}' | { | |
while IFS= read -r line | |
do | |
if grep -wo -q $line /etc/hosts.deny; then | |
printf "\n$line Already Exist\n" | |
else | |
echo "ALL: $line" >> /etc/hosts.deny | |
fi | |
done | |
} | |
REMOVE_TODAY_FILE=$(rm /tmp/today_banned.txt) |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment