From 8a5746cb135c467231d791a280e6c81bf7358412 Mon Sep 17 00:00:00 2001
From: Valentin CZERYBA <valcze80@gmail.com>
Date: Wed, 25 Jan 2023 20:09:19 +0100
Subject: [PATCH] add blacklist sh

---
 roles/deploy-web/files/blacklist.sh | 23 +++++++++++++++++++++++
 1 file changed, 23 insertions(+)
 create mode 100755 roles/deploy-web/files/blacklist.sh

diff --git a/roles/deploy-web/files/blacklist.sh b/roles/deploy-web/files/blacklist.sh
new file mode 100755
index 0000000..5e47529
--- /dev/null
+++ b/roles/deploy-web/files/blacklist.sh
@@ -0,0 +1,23 @@
+#!/bin/bash
+MAIL=/tmp/mail
+SERVER_LOG=/var/log/nginx
+HOST=($(cat /etc/sentinel/virtualhost))
+if [ ! -f /tmp/blacklist ]; then
+	touch /tmp/blacklist
+fi
+for i in ${HOST[@]}
+do
+	log_access=${SERVER_LOG}/${i}_access.log
+	tail -n 50 $log_access | awk -F "|" '{ if($2 == "404") print $1}' > /tmp/404_$i
+	tail -n 50 $log_access | awk -F "|" '{ if($2 == "400") print $1}' > /tmp/400_$i
+	cat /tmp/404_$i | sort | uniq -c | awk '{ if($1 >= 5) print $2}' > /tmp/blacklist_404
+	cat /tmp/400_$i |sort | uniq -c |awk '{ if($1 >= 5) print $2}' > /tmp/blacklist_400
+	count=$(cat /tmp/blacklist_404 /tmp/blacklist_400 |grep -f /tmp/blacklist -v |sort |uniq |wc -l)
+	if [ ${count} -ne 0 ]; then
+		cat /tmp/blacklist_400 /tmp/blacklist_404 |grep -f /tmp/blacklist -v  |sort |uniq >> /tmp/blacklist
+		echo "IP blacklisté : " > ${MAIL}
+		cat /tmp/blacklist >> ${MAIL}
+		cat ${MAIL} |mail -s "Blacklist IP ${i}" valczebackup@gmail.com
+	fi
+	#rm $directory_host/*
+done