script needed
Shaw, Marco
Marco.Shaw at aliant.ca
Fri Aug 5 12:32:24 UTC 2005
> #!/bin/bash
>
> IPADDRLIST=`tail -50 /var/log/messages | grep "<line
> pattern>" | awk '{print
> $<ip addr field number>}' | sort | uniq`
>
> for IPADDR in $IPADDRLIST
> do
> IPADDRCNT=`tail -50 /var/log/messages | grep "<line
> pattern>" | grep
> -c $IPADDR`
>
> if [[ $IPADDRCNT -ge 10 ]]
> then
> EXISTS=`grep -c $IPADDR /etc/hosts.deny`
>
> if [[ $EXISTS -eq 0 ]]
> then
> echo $IPADDR >> /etc/hosts.deny
> fi
> fi
> done
It's a slow Friday at work... ;-)
Sorry, I think I found another little problem.
Here: EXISTS=`grep -c $IPADDR /etc/hosts.deny`
You might grep for 10.10.10.10 in /etc/hosts.deny, which would
also match possibly an existing 10.10.10.100 entry by error.
I think you may have to go with changing this line to something like:
EXISTS=`grep -c "^${IPADDR}$" /etc/hosts.deny`
I realize your script is just supposed to be somewhat of a guide.
Sorry again, for the critiques (spelling?).
Marco
More information about the redhat-list
mailing list