修复没有10号数据bug

aixiao 2019-10-22 23:08:05 +08:00
parent 60524a3f68
commit 36fa768f4a
5 changed files with 13 additions and 9 deletions


@ -3,7 +3,10 @@ ssh防止暴力破解.
记录mail server的一些信息,攻击IP等. 记录mail server的一些信息,攻击IP等.
- 适用Debian 8、9 - 适用Debian 8、9
cd /root
git clone https://github.com/niuyuling/denyhosts.git
chmod a+x /root/denyhosts/denyhosts.sh
crontab 定时任务,像这样. crontab 定时任务,像这样.
0 22 * * * /root/denyhosts/denyhosts.sh
0 22 * * * /root/mail.log.sh


@ -7,7 +7,7 @@
# #
function init() { function init() {
num=9; num=20;
send_mail=1; send_mail=1;
pwd_path="/root"; pwd_path="/root";
TIME=`date +"%Y%m%d%H%M"`; TIME=`date +"%Y%m%d%H%M"`;
@ -29,9 +29,9 @@ function run()
echo "Network Connections" &>> ${log_file} echo "Network Connections" &>> ${log_file}
netstat -tnulp &>> ${log_file} netstat -tnulp &>> ${log_file}
echo "System authorization information:" &>> ${log_file} echo "System SSH authorization information:" &>> ${log_file}
/root/rhost | awk '{a[$1]+=1;} END {for(i in a){print a[i]" "i;}}' &>> ${log_file} /root/denyhosts/rhost | awk '{a[$1]+=1;} END {for(i in a){print a[i]" "i;}}' &>> ${log_file}
ip=$(echo $(/root/rhost | awk -v num=${num} '{a[$1]+=1;} END {for(i in a){if (a[i] >= num) {print i;}}}')) ip=$(echo $(/root/denyhosts/rhost | awk -v num=${num} '{a[$1]+=1;} END {for(i in a){if (a[i] >= num) {print i;}}}'))
ip_address=($ip) ip_address=($ip)
@ -58,5 +58,6 @@ run;
exit 0; exit 0;
20190103 20190103
20190911 20190911
20191008
aixiao@aixiao.me aixiao@aixiao.me
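Review bot: In the hunk at `@ -29,9 +29,9 @@`, `ip_address=($ip)` fills the block list from an unquoted expansion, so every entry goes through word splitting and pathname expansion, and the values come from the `rhost=` field of auth.log, which is supplied by the remote side and presumably can hold a hostname rather than an address. Fill the array without globbing, e.g. `read -ra ip_address <<< "$ip"`, and check each entry against an IP-address pattern before it is used; the code that consumes `ip_address` lies outside the hunk, so confirm what it does with the values. The helper is also run twice per pass and its path is hard-coded in both places although `init()` already sets `pwd_path`; running it once into a variable would keep the logged counts and the threshold list consistent with each other.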

BIN
rhost Normal file

Binary file not shown.


@ -18,7 +18,7 @@ int main(int argc, char *argv[])
p = localtime(&timep); p = localtime(&timep);
char p1[2]; char p1[2];
if (p->tm_mday > 10) { if (p->tm_mday >= 10) {
if ((fp = if ((fp =
popen popen
("grep -E \"^$(date \"+%h\").$(date \"+%d\")\" /var/log/auth.log | grep failure | grep rhost", ("grep -E \"^$(date \"+%h\").$(date \"+%d\")\" /var/log/auth.log | grep failure | grep rhost",
@ -28,7 +28,7 @@ int main(int argc, char *argv[])
} else { } else {
if ((fp = if ((fp =
popen popen
("grep -E \"^$(date \"+%h\")..$(date \"+%d\")\" /var/log/auth.log | grep failure | grep rhost", ("grep -E \"^$(date \"+%h\")..$(date | awk '{print $3}')\" /var/log/auth.log | grep failure | grep rhost",
"r")) == NULL) { "r")) == NULL) {
return 1; return 1;
} }
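Review bot: The single-digit branch now takes the day from `date | awk '{print $3}'`, which depends on the default `date` output layout of whatever locale the cron job runs under; if the third field is not the bare day number, the grep matches nothing and that day's failed logins are silently missed, so no address reaches the block list. A fixed format removes that dependency, and because `%e` pads the day with a space it matches the syslog timestamp on every day of the month: `"grep -E \"^$(date \"+%h %e\")\" /var/log/auth.log | grep failure | grep rhost"`. With that pattern the `tm_mday` branch is no longer needed, and setting `LC_ALL=C` for the command would also pin the month abbreviation. `main` starts and ends outside these hunks, so how the pipe's output and exit status are handled is not visible here.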

BIN
rhost.o Normal file

Binary file not shown.