Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: Read file, grab ip with fail2ban
Top Forums Shell Programming and Scripting Read file, grab ip with fail2ban Post 302892539 by baris35 on Thursday 13th of March 2014 10:56:59 AM
Old 03-13-2014
Quote:
Originally Posted by RudiC
Do you want to repel users or ip- addresses? What if any of those users logs in from a different node?
Hello,
I solved this issue. I wanted to block a list of users. At first, the script kicks their original ip. When they changed their ip, cron will detect this and ban them once again.

I defined and limited each user's login date and hour and minute.
database.txt (##year_month_day_hour_minute)
Code:
sophie.bextor ##201403011017
dido ##201404251049
ray.charles ##201404290159
freddie.mercury ##201404012200
madonna ##201405050900

If he is not allowed to login anymore, the script sends his username to filtered.txt file and then mentioned above scenario starts.

filter_accts.pl
Code:
#!/usr/bin/perl

use Time::Local;
open outf, "> filtered.txt";

while (<>) {
    @f = split /#/, $_;
    $yr = substr($f[2], 0, 4);
    $mo = substr($f[2], 4, 2);
    $dy = substr($f[2], 6, 2);
    $hr = substr($f[2], 8, 2);
    $mi = substr($f[2], 10, 2);
    print outf if time > timelocal(0, $mi, $hr, $dy, $mo-1, $yr-1900);
}

When you run below code:

Code:
./filter_accts.pl database.txt

Output will be
filtered.txt:
Code:
sophie.bextor ##201403011017

to remove ## signs, i created filtered2.txt:
Code:
sophie.bextor

Looks up sophie.bextor's ip in syslog file:
Code:
grep -wf filtered2.txt /var/log/syslog > new.txt

to remove unneccessary lines:
Code:
sed -n '/login/p' /var/test/new.txt > /var/test/login

Then to be able to extract list of ip addresses:
Code:
awk '/^[0-9.]+[.][0-9]+$/{if(!a[$0]++)print $0}' RS="[ :/\n]" login > login-ip.txt

The last step is add prefix ( iptables -A INPUT -s ) to the beginning of each line and add -j DROP to the end of each line with below script.

replace.sh
Code:
#!/bin/bash
prefix="iptables -A INPUT -s "
file="login-ip.txt"
while read -r line
do
 echo "${prefix}$line"
done <$file > fail2ban_ip
#mv fail2ban_ip $file
sed -e 's/$/ -j DROP/' -i fail2ban_ip

when you open fail2ban_ip file, it will show something like this:
Code:
iptables -A INPUT -s 21.166.112.177 -j DROP
iptables -A INPUT -s 21.177.112.142 -j DROP
iptables -A INPUT -s 22.156.112.155 -j DROP
iptables -A INPUT -s 23.146.112.172 -j DROP

then, chmod 755 & ./fail2ban_ip under terminal

I will get those codes together into a script and set cronjob now .

As the problem has been sorted out by means of your valuable support, I would like to thank you all.

Regards
Boris
Last edited by baris35; 03-13-2014 at 12:07 PM..
 

8 More Discussions You Might Find Interesting

1. UNIX for Dummies Questions & Answers

How to Grab the latest file

I have been trying to use the find command to grab the latest file in a directory and move it to another area. I can't seem to get only that file, I end up getting everything for the day. Any ideas? Thank you (1 Reply)
Discussion started by: n9ninchd
1 Replies

2. Shell Programming and Scripting

Grab from the file in one command

Dear All, I have a file in which there are 54 fields, i want to grab the all the lines and send to a new file where filed18 has lenght greater than 14. How can i do it without if condition and faster way: currently i am reading file line by line and comparing the length read fileLine... (9 Replies)
Discussion started by: bilalghazi
9 Replies

3. Emergency UNIX and Linux Support

Grab total page read from webalizer display in html

Hi, I need a way to grab the total combines since inception, total pages read from webalizer on my centos server or any other location (as long as since inception) and display the result live on my website So with each visit it would be increasing, or perhaps live (ajax) not sure But can... (0 Replies)
Discussion started by: lawstudent
0 Replies

4. Shell Programming and Scripting

Help me grab a passage out of this text file?

Hey guys, I need a command that grabs only this part of the .txt file (that is attached), and outputs it to another .txt file with only these contents below. Thanks in advanced brothers: Disk: Local Disk (C:), NTFS Disk Defragmentation Summary Disk Size 230.85 GB Free Space Size... (4 Replies)
Discussion started by: aabbasi
4 Replies

5. Shell Programming and Scripting

Grab 2 pieces of data within a file

I am a newbie and what I have is a captured file of content. I want to be able to grab 2 pieces of data, multiple times and print them to the screen. DataFile owner: locke user: fun data size: 60 location: Anaheim owner: david user: work data size: 80 location: Orange my script... (2 Replies)
Discussion started by: greglocke
2 Replies

6. Shell Programming and Scripting

Grab from file with sed

Hello All I have a file with this type of records: =LDR 01157nas a22003011a 4500 =001 vtls000000013 =003 VRT =005 20111020150800.0 =008 100128c19699999sp\a|||||\||||0\\\||spa| =037 \\$a1327$i090$j090$k03 =039 ... (14 Replies)
Discussion started by: ldiaz2106
14 Replies

7. Shell Programming and Scripting

Script year_month_day_hour_minute with fail2ban

Hello, What I would like to do is a shell script which will read a database file, then it will compare the current date/hour/minute in each line existing in the database file. Today is 20140305 (year_month_day) & assume that the time is 15:11 at the moment. under /var/log/ database.txt ... (5 Replies)
Discussion started by: baris35
5 Replies

8. Shell Programming and Scripting

awk remove/grab lines from file with pattern from other file

Sorry for the weird title but i have the following problem. We have several files which have between 10000 and about 500000 lines in them. From these files we want to remove lines which contain a pattern which is located in another file (around 20000 lines, all EAN codes). We also want to get... (28 Replies)
Discussion started by: SDohmen
28 Replies
All times are GMT -4. The time now is 12:43 PM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy