Objective:
What I would like to accomplish is :
- To read file1 line by line and search each word in file2.
- To grab corresponding ip addresses found in file2
- To send related ip addresses to fail2ban (not iptables)
By this way, when I want to block any username, I will enter only his username into filtered.txt file and then his connection will be terminated when he tries to login to the system even when he changes his ip address.
Detail:
I have a txt file under /var/text folder and it consists of usernames:
filtered.txt
Code:
Code:
mark
angela
dimitriou
anna
michelle
What I need to do is:
1) Search each username (mark, angela, dimitriou, anna, michelle, etc..) in syslog file (it is under /var/log) and print it to a file (iplist)
Do you want to repel users or ip- addresses? What if any of those users logs in from a different node?
Hello,
I solved this issue. I wanted to block a list of users. At first, the script kicks their original ip. When they changed their ip, cron will detect this and ban them once again.
I defined and limited each user's login date and hour and minute. database.txt (##year_month_day_hour_minute)
Code:
sophie.bextor ##201403011017
dido ##201404251049
ray.charles ##201404290159
freddie.mercury ##201404012200
madonna ##201405050900
If he is not allowed to login anymore, the script sends his username to filtered.txt file and then mentioned above scenario starts.
The last step is add prefix ( iptables -A INPUT -s ) to the beginning of each line and add -j DROP to the end of each line with below script.
replace.sh
Code:
#!/bin/bash
prefix="iptables -A INPUT -s "
file="login-ip.txt"
while read -r line
do
echo "${prefix}$line"
done <$file > fail2ban_ip
#mv fail2ban_ip $file
sed -e 's/$/ -j DROP/' -i fail2ban_ip
when you open fail2ban_ip file, it will show something like this:
Code:
iptables -A INPUT -s 21.166.112.177 -j DROP
iptables -A INPUT -s 21.177.112.142 -j DROP
iptables -A INPUT -s 22.156.112.155 -j DROP
iptables -A INPUT -s 23.146.112.172 -j DROP
then, chmod 755 & ./fail2ban_ip under terminal
I will get those codes together into a script and set cronjob now .
As the problem has been sorted out by means of your valuable support, I would like to thank you all.
If I got you right, your setup allows one access to users having changed their IP address. I'm not sure this is what you want. Why not block access for the entire range of IP addresses and explicitely allow single users' nodes? Or, why not block/allow them in /etc/passwd?
If you want to block a list of users, what are they to be prevented from doing?
Login - change their shell to be /bin/false
FTP . - Add them to /etc/ftpusers
SFTP - Add them to the file referred to in sshd.conf
Everything - Change their encrypted password manually to a simple short string, so the encryption at login will never match it.
Does that help?
Robin
They cant get login to system. I am not familiar with ftp or sftp but you can run below script, add a your username into database.txt file and check what he can not do.
Sorry for the weird title but i have the following problem.
We have several files which have between 10000 and about 500000 lines in them. From these files we want to remove lines which contain a pattern which is located in another file (around 20000 lines, all EAN codes). We also want to get... (28 Replies)
Hello,
What I would like to do is a shell script which will read a database file, then it will compare the current date/hour/minute in each line existing in the database file.
Today is 20140305 (year_month_day) & assume that the time is 15:11 at the moment.
under /var/log/
database.txt
... (5 Replies)
Hello All
I have a file with this type of records:
=LDR 01157nas a22003011a 4500
=001 vtls000000013
=003 VRT
=005 20111020150800.0
=008 100128c19699999sp\a|||||\||||0\\\||spa|
=037 \\$a1327$i090$j090$k03
=039 ... (14 Replies)
I am a newbie and what I have is a captured file of content. I want to be able to grab 2 pieces of data, multiple times and print them to the screen.
DataFile
owner: locke
user: fun
data size: 60
location: Anaheim
owner: david
user: work
data size: 80
location: Orange
my script... (2 Replies)
Hey guys, I need a command that grabs only this part of the .txt file (that is attached), and outputs it to another .txt file with only these contents below. Thanks in advanced brothers:
Disk: Local Disk (C:), NTFS
Disk Defragmentation Summary
Disk Size 230.85 GB
Free Space Size... (4 Replies)
Hi,
I need a way to grab the total combines since inception, total pages read from webalizer on my centos server or any other location (as long as since inception) and display the result live on my website
So with each visit it would be increasing, or perhaps live (ajax) not sure
But can... (0 Replies)
Dear All,
I have a file in which there are 54 fields, i want to grab the all the lines and send to a new file where filed18 has lenght greater than 14. How can i do it without if condition and faster way:
currently i am reading file line by line and comparing the length
read fileLine... (9 Replies)
I have been trying to use the find command to grab the latest file in a directory and move it to another area. I can't seem to get only that file, I end up getting everything for the day.
Any ideas?
Thank you (1 Reply)