Bash check if grep matches string -

-

i writing bash script checks every 5 minutes if there ip address 100 or more invalid passwords (brute force attack) attempts.

the following script works:

blockips="$(cat /var/log/secure | grep "failed password for" | grep -v "invalid" | awk {'print $11'} | sort | uniq -c | awk -v limit=100 '$1 > limit{print $2}')"  while read -r line;  iptables -a input -s $line -p tcp --dport 22 -j drop  echo "blocking ip address: $line" done <<< "$blockips"

the problem script above after hour have duplicate entries in iptables. tried extend script check if ip address blocked, if so, should skip it.

this script:

blockips="$(cat /var/log/secure | grep "failed password for" | grep -v "invalid" | awk {'print $11'} | sort | uniq -c | awk -v limit=100 '$1 > limit{print $2}')" currentips="$(iptables-save)"  while read -r line;  if grep -q $line $currentips   echo "ip address blocked, skipping"  else  iptables -a input -s $line -p tcp --dport 22 -j drop  echo "blocking ip address: $line"  fi done <<< "$blockips"

but reasons not working , getting weird output:

grep: 2: no such file or directory grep: 18:19:53: no such file or directory grep: 2015: no such file or directory blocking ip address: 59.47.0.152 grep: #: no such file or directory grep: generated: no such file or directory grep: by: no such file or directory grep: iptables-save: no such file or directory

what wrong script?

what you're doing is:

grep -q test  string contains word test

hoping match word in string. grep thinks each of words file, , gives output you're seeing:

grep: this: no such file or directory grep: is: no such file or directory grep: a: no such file or directory grep: string: no such file or directory

to match in literal string instead of files, send string on stdin:

if grep -q "$line" <<< "$currentips"

though better off using glob matching:

if [[ "$currentips" = *"$line"* ]]

note if you've banned 1.2.3.45, 1.2.3.4 match , therefore not banned. can use above approach *" $line "* ensure there spaces around it, if input has that.

also consider installing fail2ban automatically in robust way.


Comments

Post a Comment

Popular posts from this blog

python - TypeError: start must be a integer -

-
i trying draw 5 turtles, getting typeerror on line 25. here code: import turtle wn = turtle.screen() redrose = turtle.turtle() color = input("what background color be?") fillcolor_f = input("what color of rose be?") redrose.hideturtle() redrose.speed(30) redrose.penup() redrose.left(180) redrose.forward(175) redrose.right(90) redrose.forward(30) redrose.right(90) redrose.pendown() def drawrose(red): redrose.color("pink") redrose.fillcolor(fillcolor_f) redrose.fill(true) in range(red): redrose.forward(i) redrose.right(49) in range(5): drawrose(redrose) redrose.penup() redrose.forward(350) redrose.right(144) redrose.pendown() redrose.fill(false) drawrose(50) wn.bgcolor(color) i trying draw 5 roses, produces errors. doing in interactivepython.org. you recursively calling drawrose wrong parameter. on line 23 ( for in range(red): ) expect red integer...
Read more

c# - DevExpress RepositoryItemComboBox BackColor property ignored -

-
i have following code almost works properly; private void cbstatus_drawitem(object sender, listboxdrawitemeventargs e) { string item = e.item string; if (item != null) { switch (item) { case "1": e.appearance.forecolor = color.green; e.appearance.backcolor = color.green; break; case "2": e.appearance.forecolor = color.orange; e.appearance.backcolor = color.orange; break; case "3": e.appearance.forecolor = color.red; e.appearance.backcolor = color.red; break; } } } when dropdown shown, items forecolor correct, backcolor remains whatever backcolor of theme is; i.e. if i've got set dark theme, backcolor dark, cells in gridview, rather being green/orange/red. i've tried setting e.appearance.options.usebackcolor trying set e....
Read more

django - Creating multiple model instances in DRF3 -

-
1) create multiple model instances 1 api call, asked here: how create multiple model instances django rest framework? tried solution named in link, no success. i trying upload multiple files in 1 api call. result: files uploaded (only once overwrote perform_create) 1 instance created (if send 2 files, latter created instance). my code: class fileuploadserializer(serializers.modelserializer): def __init__(self, *args, **kwargs): many = kwargs.pop('many', true) super(fileuploadserializer, self).__init__(many=many, *args, **kwargs) class meta: model = fileupload read_only_fields = ('created', 'datafile', 'owner') class fileuploadviewset(viewsets.modelviewset): queryset = fileupload.objects.all() serializer_class = fileuploadserializer parser_classes = (multipartparser, formparser, ) def perform_create(self, serializer): file_list = self.request.data.getlist('file') ...
Read more