snxraven/brute-fix.sh

## brute-fix.sh
#!/bin/bash

#Properly Pull all IP's from BruteForce Log!\
echo "Starting Proccess to block IP's in bruteForce Log from DA"
echo "==============="
echo "DUMPING LOG IPS"
exec cat /usr/local/directadmin/data/admin/brute_log_entries.list | cut -d= -f5 | sed 's/\&.*//' | sed -e's/%\([0-9A-F][0-9A-F]\)/\\\\\x\1/g' | xargs echo -e | sed 's/ /\n/g' | uniq > bruteforce.txt
echo "==============="
# Extra Filter of BruteForce List | Uniq
echo "Filtering the IP's so there are no duplicates"
echo "==============="
exec sort bruteforce.txt | uniq -u > filteruniq.txt

# Block ALL IPS IN BruteForce Log
#while IFS= read -r in;do csf -d "$in";done <  bruteforce.txt

# Dump Current Blocked IPS List from CSF.DENY
echo "DUMPING CSF LIST"
echo "==============="
exec cat /etc/csf/csf.deny | awk {'print $1'} > currentDeny.txt
#Check for dupes in the filteredIPS From the BruteForce Log and compairs to CSG DENY
# Saves a new list with needed IP Addresses for MASS DENY
echo "Compairing both lists for a uniqe output"
echo "==============="

exec comm -23 <(sort filteruniq.txt) <(sort currentDeny.txt) > newBlockList.txt
echo "done"

## bruteBlock
bash /rscripts/brute-fix.sh && bash /rscripts/doBlock.sh

## bruteTempBlock
bash /rscripts/brute-fix.sh && bash /rscripts/doTempBlock.sh

## doBlock.sh
# Roll through the new list, there should be NO duplicates
echo "Starting block of all unique IP's"
echo "==============="
eval 'while IFS= read -r in;do sudo  csf -d "$in";done <  newBlockList.txt'
echo "Finished! Cleaning up!"
# Cleanup
echo "==============="
echo "Clearing Temp Data"
eval "rm -f bruteforce.txt  currentDeny.txt  filteruniq.txt  newBlockList.txt"
echo "==============="
echo "Clearing BruteForce Log"
eval "rm -f /usr/local/directadmin/data/admin/brute_log_entries.list"
echo "==============="
echo "Restarting CSF"
eval "sudo  csf -r"
echo "CSF RESTARTED!"
echo "==============="
echo "We are all done, the new BruteForce offenders have been added to CSF."

## doTempBlock.sh
# Roll through the new list, there should be NO duplicates
echo "Starting block of all unique IP's"
echo "==============="
eval 'while IFS= read -r in;do sudo csf -td "$in";done <  newBlockList.txt'
echo "Finished! Cleaning up!"
# Cleanup
echo "==============="
echo "Clearing Temp Data"
eval "rm -f bruteforce.txt  currentDeny.txt  filteruniq.txt  newBlockList.txt"
echo "==============="
echo "Clearing BruteForce Log"
eval "rm -f /usr/local/directadmin/data/admin/brute_log_entries.list"
echo "==============="
echo "Restarting CSF"
eval "sudo  csf -r"
echo "CSF RESTARTED!"
echo "==============="
echo "We are all done, the new BruteForce offenders have been added to CSF."
	#!/bin/bash

	#Properly Pull all IP's from BruteForce Log!\
	echo "Starting Proccess to block IP's in bruteForce Log from DA"
	echo "==============="
	echo "DUMPING LOG IPS"
	exec cat /usr/local/directadmin/data/admin/brute_log_entries.list \| cut -d= -f5 \| sed 's/\&.*//' \| sed -e's/%\([0-9A-F][0-9A-F]\)/\\\\\x\1/g' \| xargs echo -e \| sed 's/ /\n/g' \| uniq > bruteforce.txt
	echo "==============="
	# Extra Filter of BruteForce List \| Uniq
	echo "Filtering the IP's so there are no duplicates"
	echo "==============="
	exec sort bruteforce.txt \| uniq -u > filteruniq.txt

	# Block ALL IPS IN BruteForce Log
	#while IFS= read -r in;do csf -d "$in";done < bruteforce.txt

	# Dump Current Blocked IPS List from CSF.DENY
	echo "DUMPING CSF LIST"
	echo "==============="
	exec cat /etc/csf/csf.deny \| awk {'print $1'} > currentDeny.txt
	#Check for dupes in the filteredIPS From the BruteForce Log and compairs to CSG DENY
	# Saves a new list with needed IP Addresses for MASS DENY
	echo "Compairing both lists for a uniqe output"
	echo "==============="

	exec comm -23 <(sort filteruniq.txt) <(sort currentDeny.txt) > newBlockList.txt
	echo "done"
	# Roll through the new list, there should be NO duplicates
	echo "Starting block of all unique IP's"
	echo "==============="
	eval 'while IFS= read -r in;do sudo csf -d "$in";done < newBlockList.txt'
	echo "Finished! Cleaning up!"
	# Cleanup
	echo "==============="
	echo "Clearing Temp Data"
	eval "rm -f bruteforce.txt currentDeny.txt filteruniq.txt newBlockList.txt"
	echo "==============="
	echo "Clearing BruteForce Log"
	eval "rm -f /usr/local/directadmin/data/admin/brute_log_entries.list"
	echo "==============="
	echo "Restarting CSF"
	eval "sudo csf -r"
	echo "CSF RESTARTED!"
	echo "==============="
	echo "We are all done, the new BruteForce offenders have been added to CSF."