v4l3n71n/deployment-web
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity
deployment-web/roles/deploy-web/files/blacklist.sh

27 lines
1.1 KiB
Bash
Raw Normal View History

add blacklist sh
2023-01-25 20:09:19 +01:00
#!/bin/bash
MAIL=/tmp/mail
SERVER_LOG=/var/log/nginx
HOST=($(cat /etc/sentinel/virtualhost))
variable files blacklist
2023-02-02 23:35:06 +01:00
BLACKLIST=/etc/sentinel/blacklist
if [ ! -f ${BLACKLIST} ]; then
touch ${BLACKLIST}
add blacklist sh
2023-01-25 20:09:19 +01:00
fi
for i in ${HOST[@]}
do
log_access=${SERVER_LOG}/${i}_access.log
tail -n 50 $log_access | awk -F "|" '{ if($2 == "404") print $1}' > /tmp/404_$i
tail -n 50 $log_access | awk -F "|" '{ if($2 == "400") print $1}' > /tmp/400_$i
cat /tmp/404_$i | sort | uniq -c | awk '{ if($1 >= 5) print $2}' > /tmp/blacklist_404
cat /tmp/400_$i |sort | uniq -c |awk '{ if($1 >= 5) print $2}' > /tmp/blacklist_400
variable files blacklist
2023-02-02 23:35:06 +01:00
count=$(cat /tmp/blacklist_404 /tmp/blacklist_400 |grep -f ${BLACKLIST} -v |sort |uniq |wc -l)
add blacklist sh
2023-01-25 20:09:19 +01:00
if [ ${count} -ne 0 ]; then
variable files blacklist
2023-02-02 23:35:06 +01:00
echo "Nouvelle IP blacklisté" > ${MAIL}
cat /tmp/blacklist_400 /tmp/blacklist_404 |grep -f ${BLACKLIST} -v |sort |uniq >> ${MAIL}
echo "IP dejà blacklisté : " >> ${MAIL}
cat /tmp/blacklist_400 /tmp/blacklist_404 |grep -f ${BLACKLIST} -v |sort |uniq >> /tmp/blacklist
cat ${BLACKLIST} >> ${MAIL}
add blacklist sh
2023-01-25 20:09:19 +01:00
cat ${MAIL} |mail -s "Blacklist IP ${i}" valczebackup@gmail.com
fi
#rm $directory_host/*
done
Reference in New Issue Copy Permalink