Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: Help tcpdrop script
Top Forums Shell Programming and Scripting Help tcpdrop script Post 302906553 by BernardoCR on Friday 20th of June 2014 02:25:01 PM
Old 06-20-2014
Help tcpdrop script
Hello,

I'm using a commando to check wich IPS are openning a large amount of connections to my server and kill them (to reduce synflood attack effects).

The command is the following one:

Code:
netstat -an | grep ^tcp | awk '{ print $5 }' | egrep -v '^(172\.16|192\.168|127\.0)' | cut -f1-4 -d\. | awk '{ a[$1]++ } END { for (i in a) { if (a[i] > 70) { print i; } } }' | xargs -n1 -I % sh -c 'sockstat -c | grep %' | awk '{ print $6 " " $7 }' | sed -e 's/:/ /g' -e 's/^/ tcpdrop /' | sh

It works when I run ./tcpdrop.sh, but when I try to add it to crontab it gives me the following error:

Code:
tcpdrop: not found
tcpdrop: not found
tcpdrop: not found

I have tried already to add an alias tcpdrop=/usr/sbin/tcpdrop, but had no success.

I think a way to make it work is, instead of outputing "tcpdrop", it would output /usr/sbin/tcpdrop, but I don't know how to change the "sed" command to add the whole path of tcpdrop.

Another question I need to solve is how to ignore certain IP addresses, like 67.43.2.1. I tried to include the IP on the egrep -v '^(172\.16|192\.168|127\.0)' command, like egrep -v '^(172\.16|192\.168|127\.0|67.43.2.1)'but didn't work.

I apreciatte your help.

Thank you.
 

5 More Discussions You Might Find Interesting

1. Shell Programming and Scripting

create a shell script that calls another script and and an awk script

Hi guys I have a shell script that executes sql statemets and sends the output to a file.the script takes in parameters executes sql and sends the result to an output file. #!/bin/sh echo " $2 $3 $4 $5 $6 $7 isql -w400 -U$2 -S$5 -P$3 << xxx use $4 go print"**Changes to the table... (0 Replies)
Discussion started by: magikminox
0 Replies

2. Shell Programming and Scripting

Script will keep checking running status of another script and also restart called script at night

I am using blow script :-- #!/bin/bash FIND=$(ps -elf | grep "snmp_trap.sh" | grep -v grep) #check snmp_trap.sh is running or not if then # echo "process found" exit 0; else echo "process not found" exec /home/Ketan_r /snmp_trap.sh 2>&1 & disown -h ... (1 Reply)
Discussion started by: ketanraut
1 Replies

3. UNIX for Dummies Questions & Answers

Calling a script from master script to get value from called script

I am trying to call a script(callingscript.sh) from a master script(masterscript.sh) to get string type value from calling script to master script. I have used scripts mentioned below. #masterscript.sh ./callingscript.sh echo $fileExist #callingscript.sh echo "The script is called"... (2 Replies)
Discussion started by: Raj Roy
2 Replies

4. Shell Programming and Scripting

Shell script works fine as a standalone script but not as part of a bigger script

Hello all, I am facing a weird issue while executing a code below - #!/bin/bash cd /wload/baot/home/baotasa0/sandboxes_finance/ext_ukba_bde/pset sh UKBA_publish.sh UKBA 28082015 3 if then echo "Param file conversion for all the areas are completed, please check in your home directory"... (2 Replies)
Discussion started by: ektubbe
2 Replies

5. Shell Programming and Scripting

How to block first bash script until second bash script script launches web server/site?

I'm new to utilities like socat and netcat and I'm not clear if they will do what I need. I have a "compileDeployStartWebServer.sh" script and a "StartBrowser.sh" script that are started by emacs/elisp at the same time in two different processes. I'm using Cygwin bash on Windows 10. My... (3 Replies)
Discussion started by: siegfried
3 Replies

LEARN ABOUT CENTOS

rlm_ippool_tool

RLM_IPPOOL_TOOL(8)					      System Manager's Manual						RLM_IPPOOL_TOOL(8)

NAME

       rlm_ippool_tool - dump the contents of the FreeRadius ippool database files

SYNOPSIS

       If an ipaddress is specified then that address is used to limit the actions or output.

       rlm_ippool_tool [-a] [-c] [-o] [-v] session-db index-db [ipaddress]

       Mark the entry nasIP/nasPort as having ipaddress

       rlm_ippool_tool -n session-db index-db ipaddress nasIP nasPort

       Update old format database to new.

       rlm_ippool_tool -u session-db new-session-db

DESCRIPTION

       rlm_ippool_tool dumps the contents of the FreeRADIUS ippool databases for analyses or for removal of active (stuck?) entries.

       Or with the -n argument adds a usage entry to the FreeRADIUS ippool databases.

OPTIONS

       -a     Print all active entries.

       -c     Report number of active entries.

       -r     Remove active entries.

       -v     Verbose report of all entries.

       -o     Assume old database format (nas/port pair, not md5 output).

       -n     Mark the entry nasIP/nasPort as having ipaddress.

       -u     Update old format database to new.

EXAMPLES

       Given the syntax in the FreeRadius radiusd.conf:

	       ippool myippool {
		   range-start = 192.0.2.0
		   range-stop = 192.0.2.255
		   [...]
		   session-db = ${raddbdir}/ip-pool.db
		   ip-index = ${raddbdir}/ip-index.db
	       }

       To see the number of active entries in this pool, use:

	       $ rlm_ippool_tool -c ip-pool.db ip-index.db
	       13

       To see all active entries in this pool, use:

	       $ rlm_ippool_tool -a ip-pool.db ip-index.db
	       192.0.2.5
	       192.0.2.82
	       192.0.2.244
	       192.0.2.57
	       192.0.2.120
	       192.0.2.27
	       [...]

       To see all information about the active entries in the use, use:

	       $ rlm_ippool_tool -av ip-pool.db ip-index.db
	       NAS:172.16.1.1 port:0x2e8 - ipaddr:192.0.2.5 active:1 cli:0 num:1
	       NAS:172.16.1.1 port:0x17c - ipaddr:192.0.2.82 active:1 cli:0 num:1
	       NAS:172.16.1.1 port:0x106 - ipaddr:192.0.2.244 active:1 cli:0 num:1
	       NAS:172.16.1.1 port:0x157 - ipaddr:192.0.2.57 active:1 cli:0 num:1
	       NAS:172.16.1.1 port:0x2d8 - ipaddr:192.0.2.120 active:1 cli:0 num:1
	       NAS:172.16.1.1 port:0x162 - ipaddr:192.0.2.27 active:1 cli:0 num:1
	       [...]

       To see only information of one entry, use:

	       $ rlm_ippool_tool -v ip-pool.db ip-index.db 192.0.2.1
	       NAS:172.16.1.1 port:0x90 - ipaddr:192.0.2.1 active:0 cli:0 num:0

       To add an IP address usage entry, use:

	       $ rlm_ippool_tool -n ip-pool.db ip-index.db 192.0.0.1 172.16.1.1 0x90
	       rlm_ippool_tool: Allocating ip to nas/port: 172.16.1.1/144
	       rlm_ippool_tool: num: 1
	       rlm_ippool_tool: Allocated ip 192.0.2.1 to client on nas 172.16.1.1,port 144

SEE ALSO

       radiusd(8)

AUTHORS

       Currently   part   of   the   FreeRADIUS   Project   (http://www.freeradius.org)   Originally   by   Edwin   Groothuis,	 edwin@mavetju.org
       (http://www.mavetju.org)

       Mailing list details are at http://www.freeradius.org/

																RLM_IPPOOL_TOOL(8)
All times are GMT -4. The time now is 01:34 PM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy