修复没有10号数据bug
This commit is contained in:
parent
60524a3f68
commit
36fa768f4a
@ -1,9 +1,12 @@
|
||||
# denyhosts
|
||||
ssh防止暴力破解.
|
||||
记录mail server的一些信息,攻击IP等.
|
||||
- 适用Debian 8、9
|
||||
- 适用Debian 8、9
|
||||
|
||||
|
||||
cd /root
|
||||
git clone https://github.com/niuyuling/denyhosts.git
|
||||
chmod a+x /root/denyhosts/denyhosts.sh
|
||||
crontab 定时任务,像这样.
|
||||
|
||||
0 22 * * * /root/mail.log.sh
|
||||
0 22 * * * /root/denyhosts/denyhosts.sh
|
||||
|
||||
|
@ -7,7 +7,7 @@
|
||||
#
|
||||
|
||||
function init() {
|
||||
num=9;
|
||||
num=20;
|
||||
send_mail=1;
|
||||
pwd_path="/root";
|
||||
TIME=`date +"%Y%m%d%H%M"`;
|
||||
@ -29,9 +29,9 @@ function run()
|
||||
echo "Network Connections" &>> ${log_file}
|
||||
netstat -tnulp &>> ${log_file}
|
||||
|
||||
echo "System authorization information:" &>> ${log_file}
|
||||
/root/rhost | awk '{a[$1]+=1;} END {for(i in a){print a[i]" "i;}}' &>> ${log_file}
|
||||
ip=$(echo $(/root/rhost | awk -v num=${num} '{a[$1]+=1;} END {for(i in a){if (a[i] >= num) {print i;}}}'))
|
||||
echo "System SSH authorization information:" &>> ${log_file}
|
||||
/root/denyhosts/rhost | awk '{a[$1]+=1;} END {for(i in a){print a[i]" "i;}}' &>> ${log_file}
|
||||
ip=$(echo $(/root/denyhosts/rhost | awk -v num=${num} '{a[$1]+=1;} END {for(i in a){if (a[i] >= num) {print i;}}}'))
|
||||
|
||||
|
||||
ip_address=($ip)
|
||||
@ -58,5 +58,6 @@ run;
|
||||
exit 0;
|
||||
20190103
|
||||
20190911
|
||||
20191008
|
||||
aixiao@aixiao.me
|
||||
|
||||
|
4
rhost.c
4
rhost.c
@ -18,7 +18,7 @@ int main(int argc, char *argv[])
|
||||
p = localtime(&timep);
|
||||
char p1[2];
|
||||
|
||||
if (p->tm_mday > 10) {
|
||||
if (p->tm_mday >= 10) {
|
||||
if ((fp =
|
||||
popen
|
||||
("grep -E \"^$(date \"+%h\").$(date \"+%d\")\" /var/log/auth.log | grep failure | grep rhost",
|
||||
@ -28,7 +28,7 @@ int main(int argc, char *argv[])
|
||||
} else {
|
||||
if ((fp =
|
||||
popen
|
||||
("grep -E \"^$(date \"+%h\")..$(date \"+%d\")\" /var/log/auth.log | grep failure | grep rhost",
|
||||
("grep -E \"^$(date \"+%h\")..$(date | awk '{print $3}')\" /var/log/auth.log | grep failure | grep rhost",
|
||||
"r")) == NULL) {
|
||||
return 1;
|
||||
}
|
||||
|
Loading…
Reference in New Issue
Block a user