add blacklist sh

2023-01-25 20:09:19 +01:00 · 2023-01-25 20:09:19 +01:00 · 8a5746cb13
commit 8a5746cb13
parent 8e2211e365
1 changed files with 23 additions and 0 deletions
--- a/roles/deploy-web/files/blacklist.sh
+++ b/roles/deploy-web/files/blacklist.sh
@ -0,0 +1,23 @@
+#!/bin/bash
+MAIL=/tmp/mail
+SERVER_LOG=/var/log/nginx
+HOST=($(cat /etc/sentinel/virtualhost))
+if [ ! -f /tmp/blacklist ]; then
+	touch /tmp/blacklist
+fi
+for i in ${HOST[@]}
+do
+	log_access=${SERVER_LOG}/${i}_access.log
+	tail -n 50 $log_access | awk -F "|" '{ if($2 == "404") print $1}' > /tmp/404_$i
+	tail -n 50 $log_access | awk -F "|" '{ if($2 == "400") print $1}' > /tmp/400_$i
+	cat /tmp/404_$i | sort | uniq -c | awk '{ if($1 >= 5) print $2}' > /tmp/blacklist_404
+	cat /tmp/400_$i |sort | uniq -c |awk '{ if($1 >= 5) print $2}' > /tmp/blacklist_400
+	count=$(cat /tmp/blacklist_404 /tmp/blacklist_400 |grep -f /tmp/blacklist -v |sort |uniq |wc -l)
+	if [ ${count} -ne 0 ]; then
+		cat /tmp/blacklist_400 /tmp/blacklist_404 |grep -f /tmp/blacklist -v  |sort |uniq >> /tmp/blacklist
+		echo "IP blacklisté : " > ${MAIL}
+		cat /tmp/blacklist >> ${MAIL}
+		cat ${MAIL} |mail -s "Blacklist IP ${i}" valczebackup@gmail.com
+	fi
+	#rm $directory_host/*
+done