shell-script-pt
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Script Firewall

From: Standler meir
Subject: Script Firewall
Date: Wed, 11 Nov 2009 04:10:57 -0800 (PST) 
Olá Gurus,

Alguém poderia me ajudar com o script abaixo?
Quando rodo ele fica dando essa mensagem:

grep: [ ou [^ descasados
grep: [ ou [^ descasados

Aceito qualquer sugestão de melhorias.


Desde já grato pela atenção dos amigos.

----------------------------------------------------------------------------------------------------------------

#!/bin/sh

idjits=`basename $0`
TMPFILE=`mktemp /tmp/${idjits}.XXXXXX` || exit 1

messages=/var/log/asterisk/messages
time=`tail -n 2 /var/log/asterisk/messages | sed -n '1p' | awk '{print $2}' | 
awk -F : '{print $1":"}'`


day=`tail -n 2 /var/log/asterisk/messages | sed -n '1p' | awk '{print $1}'`


echo "grep \"$day $time\" $messages" |sh|\
awk '/Wrong password/{print $11}'|\
sed 's:'\''::g'|sort -u|grep -vi [a-z] >> $TMPFILE




echo "grep \"$day $time\" $messages" |sh|\

awk '/Wrong password/{print $10}' |\
sed 's:'\''::g'|sort -u|grep -vi [a-z] >> $TMPFILE

echo "awk '/mismatch/{print $11}' $messages" |sh|\




grep -vi [a-z]|sed 's:'\''::g'

echo "Creating rules"

for i in `cat $TMPFILE|sed 's:for::g'`

do

echo "iptables -A INPUT -s $i -p udp --dport 5060:5061 -j REJECT --reject-with 
icmp-host-


prohibited" > /etc/dbeats



echo "iptables -A INPUT -s $i -p tcp --dport 5060:5061 -j REJECT --reject-with 
icmp-host-

prohibited" > /etc/dbeats

sort /etc/dbeats2 | uniq > /etc/deadbeats

echo "Limpar Firewall"




 iptables -F

echo "Reloading normal rules"

sh /etc/firewall

echo "Adding deadbeats"

sh /etc/deadbeats

done

date > /tmp/blocked
echo >> /tmp/blocked




echo "grep \"$day $time\" $messages" |sh|\

awk '/Wrong password/{print $11}'|\
sed 's:'\''::g'|sort -u|grep -vi [a-z] >> /tmp/blocked

echo "grep \"$day $time\" $messages" |sh|\




awk '/Wrong password/{print $10}'|\
sed 's:'\''::g'|sort -u|grep -vi [a-z] | mail -s "Acessos Bloqueados" 
address@hidden



rm -f $TMPFILE


      
____________________________________________________________________________________
Veja quais são os assuntos do momento no Yahoo! +Buscados
http://br.maisbuscados.yahoo.com

[As partes desta mensagem que não continham texto foram removidas]
reply via email to
[Prev in Thread] Current Thread [Next in Thread]