aixiao/denyhosts
1
0
Fork 0
Code Issues Pull Requests Projects Releases 1 Wiki Activity

修改: mail.log.sh

Browse Source
This commit is contained in:
aixiao 2019-01-19 17:06:17 +08:00
parent faa713fe00
commit aa0ab9faee
1 changed files with 47 additions and 48 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

37
mail.log.sh Executable file → Normal file
View File

@ -1,16 +1,17 @@
#!/bin/bash #!/bin/bash
# #
# Debian Stretch.
# System authorization information. # System authorization information.
# Author: aixiao
# Email: aixiao@aixiao.me # Email: aixiao@aixiao.me
# Date: 20170909 # Time: 20170909
# Modify Time: 171125
# #
pwd_path=/root function run()
TIME=`date +"%Y%m%d"` {
log_file=${pwd_path}/${TIME}.log pwd_path="/root";
TIME=`date +"%Y%m%d"`;
log_file="${pwd_path}/${TIME}.log";
email_address="1605227279@qq.com";
num=9;
echo "Read-Only Memory,ROM:" &>> ${log_file} echo "Read-Only Memory,ROM:" &>> ${log_file}
df -am &>> ${log_file} df -am &>> ${log_file}
@ -27,26 +28,20 @@ echo "" &>> ${log_file}
echo "Network Connections" &>> ${log_file} echo "Network Connections" &>> ${log_file}
netstat -tnulp &>> ${log_file} netstat -tnulp &>> ${log_file}
echo "" &>> ${log_file}
echo "AIC" &>> ${log_file}
netstat -ntu &>> ${log_file}
echo "" &>> ${log_file} echo "" &>> ${log_file}
echo "System authorization information:" &>> ${log_file} echo "System authorization information:" &>> ${log_file}
if test "`date | awk '{print $3}'`" -ge 10 ; then if test "`date | awk '{print $3}'`" -ge 10 ; then
grep ^`date | awk '{print $2}'`.`date | awk '{print $3}'` /var/log/auth.log &>> ${log_file} grep ^`date | awk '{print $2}'`.`date | awk '{print $3}'` /var/log/auth.log &>> ${log_file}
grep -E "^`date | awk '{print $2}'`.`date | awk '{print $3}'`" /var/log/auth.log | grep failure | grep rhost | awk '{printf $14 "\n"}' | cut -d = -f 2 | awk '{a[$1]+=1;} END {for(i in a){print a[i]" "i;}}' &>> ${log_file} grep -E "^`date | awk '{print $2}'`.`date | awk '{print $3}'`" /var/log/auth.log | grep failure | grep rhost | awk '{printf $14 "\n"}' | cut -d = -f 2 | awk '{a[$1]+=1;} END {for(i in a){print a[i]" "i;}}' &>> ${log_file}
ip=$(grep -E "^`date | awk '{print $2}'`.`date | awk '{print $3}'`" /var/log/auth.log | grep failure | grep rhost | awk '{printf $14 "\n"}' | cut -d = -f 2 | awk -v num=${num} '{a[$1]+=1;} END {for(i in a){if (a[i] >= num) {print i;}}}')
ip=$(grep -E "^`date | awk '{print $2}'`.`date | awk '{print $3}'`" /var/log/auth.log | grep failure | grep rhost | awk '{printf $14 "\n"}' | cut -d = -f 2 | awk '{a[$1]+=1;} END {for(i in a){if (a[i] >= 9) {print i;}}}')
else else
grep ^`date | awk '{print $2}'`..`date | awk '{print $3}'` /var/log/auth.log &>> ${log_file} grep ^`date | awk '{print $2}'`..`date | awk '{print $3}'` /var/log/auth.log &>> ${log_file}
grep -E "^`date | awk '{print $2}'`..`date | awk '{print $3}'`" /var/log/auth.log | grep failure | grep rhost | awk '{printf $14 "\n"}' | cut -d = -f 2 | awk '{a[$1]+=1;} END {for(i in a){print a[i]" "i;}}' &>> ${log_file} grep -E "^`date | awk '{print $2}'`..`date | awk '{print $3}'`" /var/log/auth.log | grep failure | grep rhost | awk '{printf $14 "\n"}' | cut -d = -f 2 | awk '{a[$1]+=1;} END {for(i in a){print a[i]" "i;}}' &>> ${log_file}
ip=$(grep -E "^`date | awk '{print $2}'`..`date | awk '{print $3}'`" /var/log/auth.log | grep failure | grep rhost | awk '{printf $14 "\n"}' | cut -d = -f 2 | awk -v num=${num} '{a[$1]+=1;} END {for(i in a){if (a[i] >= num) {print i;}}}')
ip=$(grep -E "^`date | awk '{print $2}'`..`date | awk '{print $3}'`" /var/log/auth.log | grep failure | grep rhost | awk '{printf $14 "\n"}' | cut -d = -f 2 | awk '{a[$1]+=1;} END {for(i in a){if (a[i] >= 9) {print i;}}}')
fi fi
ip_add=($ip) ip_address=($ip)
for i in ${ip_add[@]} ; do for i in ${ip_address[@]} ; do
/sbin/iptables -I INPUT -s $i -j DROP /sbin/iptables -I INPUT -s $i -j DROP
done done
/sbin/iptables-save > /root/ipv4tables /sbin/iptables-save > /root/ipv4tables
@ -56,10 +51,14 @@ echo "Iptables filter table" &>> ${log_file}
/sbin/iptables -L -n --line-numbers &>> ${log_file} /sbin/iptables -L -n --line-numbers &>> ${log_file}
echo "" &>> ${log_file} echo "" &>> ${log_file}
mail -s "System Log" 1605227279@qq.com < ${log_file} mail -s "System Log" ${email_address} < ${log_file}
rm ${log_file} rm ${log_file}
sync sync
sync sync
exit }
run;
exit 0;
20190103
aixiao@aixiao.me aixiao@aixiao.me