修复没有10号数据bug
This commit is contained in:
parent
60524a3f68
commit
36fa768f4a
@ -1,9 +1,12 @@
|
|||||||
# denyhosts
|
# denyhosts
|
||||||
ssh防止暴力破解.
|
ssh防止暴力破解.
|
||||||
记录mail server的一些信息,攻击IP等.
|
记录mail server的一些信息,攻击IP等.
|
||||||
- 适用Debian 8、9
|
- 适用Debian 8、9
|
||||||
|
|
||||||
|
|
||||||
|
cd /root
|
||||||
|
git clone https://github.com/niuyuling/denyhosts.git
|
||||||
|
chmod a+x /root/denyhosts/denyhosts.sh
|
||||||
crontab 定时任务,像这样.
|
crontab 定时任务,像这样.
|
||||||
|
0 22 * * * /root/denyhosts/denyhosts.sh
|
||||||
0 22 * * * /root/mail.log.sh
|
|
||||||
|
|
||||||
|
@ -7,7 +7,7 @@
|
|||||||
#
|
#
|
||||||
|
|
||||||
function init() {
|
function init() {
|
||||||
num=9;
|
num=20;
|
||||||
send_mail=1;
|
send_mail=1;
|
||||||
pwd_path="/root";
|
pwd_path="/root";
|
||||||
TIME=`date +"%Y%m%d%H%M"`;
|
TIME=`date +"%Y%m%d%H%M"`;
|
||||||
@ -29,9 +29,9 @@ function run()
|
|||||||
echo "Network Connections" &>> ${log_file}
|
echo "Network Connections" &>> ${log_file}
|
||||||
netstat -tnulp &>> ${log_file}
|
netstat -tnulp &>> ${log_file}
|
||||||
|
|
||||||
echo "System authorization information:" &>> ${log_file}
|
echo "System SSH authorization information:" &>> ${log_file}
|
||||||
/root/rhost | awk '{a[$1]+=1;} END {for(i in a){print a[i]" "i;}}' &>> ${log_file}
|
/root/denyhosts/rhost | awk '{a[$1]+=1;} END {for(i in a){print a[i]" "i;}}' &>> ${log_file}
|
||||||
ip=$(echo $(/root/rhost | awk -v num=${num} '{a[$1]+=1;} END {for(i in a){if (a[i] >= num) {print i;}}}'))
|
ip=$(echo $(/root/denyhosts/rhost | awk -v num=${num} '{a[$1]+=1;} END {for(i in a){if (a[i] >= num) {print i;}}}'))
|
||||||
|
|
||||||
|
|
||||||
ip_address=($ip)
|
ip_address=($ip)
|
||||||
@ -58,5 +58,6 @@ run;
|
|||||||
exit 0;
|
exit 0;
|
||||||
20190103
|
20190103
|
||||||
20190911
|
20190911
|
||||||
|
20191008
|
||||||
aixiao@aixiao.me
|
aixiao@aixiao.me
|
||||||
|
|
||||||
|
4
rhost.c
4
rhost.c
@ -18,7 +18,7 @@ int main(int argc, char *argv[])
|
|||||||
p = localtime(&timep);
|
p = localtime(&timep);
|
||||||
char p1[2];
|
char p1[2];
|
||||||
|
|
||||||
if (p->tm_mday > 10) {
|
if (p->tm_mday >= 10) {
|
||||||
if ((fp =
|
if ((fp =
|
||||||
popen
|
popen
|
||||||
("grep -E \"^$(date \"+%h\").$(date \"+%d\")\" /var/log/auth.log | grep failure | grep rhost",
|
("grep -E \"^$(date \"+%h\").$(date \"+%d\")\" /var/log/auth.log | grep failure | grep rhost",
|
||||||
@ -28,7 +28,7 @@ int main(int argc, char *argv[])
|
|||||||
} else {
|
} else {
|
||||||
if ((fp =
|
if ((fp =
|
||||||
popen
|
popen
|
||||||
("grep -E \"^$(date \"+%h\")..$(date \"+%d\")\" /var/log/auth.log | grep failure | grep rhost",
|
("grep -E \"^$(date \"+%h\")..$(date | awk '{print $3}')\" /var/log/auth.log | grep failure | grep rhost",
|
||||||
"r")) == NULL) {
|
"r")) == NULL) {
|
||||||
return 1;
|
return 1;
|
||||||
}
|
}
|
||||||
|
Loading…
Reference in New Issue
Block a user