修改: mail.log.sh

aixiao 2019-01-19 17:06:17 +08:00
parent faa713fe00
commit aa0ab9faee

95
mail.log.sh Executable file → Normal file

@ -1,65 +1,64 @@
#!/bin/bash #!/bin/bash
# #
# Debian Stretch.
# System authorization information. # System authorization information.
# Author: aixiao
# Email: aixiao@aixiao.me # Email: aixiao@aixiao.me
# Date: 20170909 # Time: 20170909
# Modify Time: 171125
# #
pwd_path=/root function run()
TIME=`date +"%Y%m%d"` {
log_file=${pwd_path}/${TIME}.log pwd_path="/root";
TIME=`date +"%Y%m%d"`;
log_file="${pwd_path}/${TIME}.log";
email_address="1605227279@qq.com";
num=9;
echo "Read-Only Memory,ROM:" &>> ${log_file} echo "Read-Only Memory,ROM:" &>> ${log_file}
df -am &>> ${log_file} df -am &>> ${log_file}
echo "" &>> ${log_file} echo "" &>> ${log_file}
echo "random access memoryRAM:" &>> ${log_file} echo "random access memoryRAM:" &>> ${log_file}
free -hl &>> ${log_file} free -hl &>> ${log_file}
echo "" &>> ${log_file} echo "" &>> ${log_file}
echo "System process:" &>> ${log_file} echo "System process:" &>> ${log_file}
ps -axjf &>> ${log_file} ps -axjf &>> ${log_file}
echo "" &>> ${log_file} echo "" &>> ${log_file}
echo "Network Connections" &>> ${log_file} echo "Network Connections" &>> ${log_file}
netstat -tnulp &>> ${log_file} netstat -tnulp &>> ${log_file}
echo "" &>> ${log_file} echo "" &>> ${log_file}
echo "AIC" &>> ${log_file} echo "System authorization information:" &>> ${log_file}
netstat -ntu &>> ${log_file} if test "`date | awk '{print $3}'`" -ge 10 ; then
grep ^`date | awk '{print $2}'`.`date | awk '{print $3}'` /var/log/auth.log &>> ${log_file}
grep -E "^`date | awk '{print $2}'`.`date | awk '{print $3}'`" /var/log/auth.log | grep failure | grep rhost | awk '{printf $14 "\n"}' | cut -d = -f 2 | awk '{a[$1]+=1;} END {for(i in a){print a[i]" "i;}}' &>> ${log_file}
ip=$(grep -E "^`date | awk '{print $2}'`.`date | awk '{print $3}'`" /var/log/auth.log | grep failure | grep rhost | awk '{printf $14 "\n"}' | cut -d = -f 2 | awk -v num=${num} '{a[$1]+=1;} END {for(i in a){if (a[i] >= num) {print i;}}}')
else
grep ^`date | awk '{print $2}'`..`date | awk '{print $3}'` /var/log/auth.log &>> ${log_file}
grep -E "^`date | awk '{print $2}'`..`date | awk '{print $3}'`" /var/log/auth.log | grep failure | grep rhost | awk '{printf $14 "\n"}' | cut -d = -f 2 | awk '{a[$1]+=1;} END {for(i in a){print a[i]" "i;}}' &>> ${log_file}
ip=$(grep -E "^`date | awk '{print $2}'`..`date | awk '{print $3}'`" /var/log/auth.log | grep failure | grep rhost | awk '{printf $14 "\n"}' | cut -d = -f 2 | awk -v num=${num} '{a[$1]+=1;} END {for(i in a){if (a[i] >= num) {print i;}}}')
fi
echo "" &>> ${log_file} ip_address=($ip)
echo "System authorization information:" &>> ${log_file} for i in ${ip_address[@]} ; do
if test "`date | awk '{print $3}'`" -ge 10 ; then /sbin/iptables -I INPUT -s $i -j DROP
grep ^`date | awk '{print $2}'`.`date | awk '{print $3}'` /var/log/auth.log &>> ${log_file} done
grep -E "^`date | awk '{print $2}'`.`date | awk '{print $3}'`" /var/log/auth.log | grep failure | grep rhost | awk '{printf $14 "\n"}' | cut -d = -f 2 | awk '{a[$1]+=1;} END {for(i in a){print a[i]" "i;}}' &>> ${log_file} /sbin/iptables-save > /root/ipv4tables
ip=$(grep -E "^`date | awk '{print $2}'`.`date | awk '{print $3}'`" /var/log/auth.log | grep failure | grep rhost | awk '{printf $14 "\n"}' | cut -d = -f 2 | awk '{a[$1]+=1;} END {for(i in a){if (a[i] >= 9) {print i;}}}') echo "" &>> ${log_file}
else echo "Iptables filter table" &>> ${log_file}
grep ^`date | awk '{print $2}'`..`date | awk '{print $3}'` /var/log/auth.log &>> ${log_file} /sbin/iptables -L -n --line-numbers &>> ${log_file}
grep -E "^`date | awk '{print $2}'`..`date | awk '{print $3}'`" /var/log/auth.log | grep failure | grep rhost | awk '{printf $14 "\n"}' | cut -d = -f 2 | awk '{a[$1]+=1;} END {for(i in a){print a[i]" "i;}}' &>> ${log_file} echo "" &>> ${log_file}
ip=$(grep -E "^`date | awk '{print $2}'`..`date | awk '{print $3}'`" /var/log/auth.log | grep failure | grep rhost | awk '{printf $14 "\n"}' | cut -d = -f 2 | awk '{a[$1]+=1;} END {for(i in a){if (a[i] >= 9) {print i;}}}') mail -s "System Log" ${email_address} < ${log_file}
fi rm ${log_file}
sync
sync
}
ip_add=($ip) run;
for i in ${ip_add[@]} ; do exit 0;
/sbin/iptables -I INPUT -s $i -j DROP 20190103
done
/sbin/iptables-save > /root/ipv4tables
echo "" &>> ${log_file}
echo "Iptables filter table" &>> ${log_file}
/sbin/iptables -L -n --line-numbers &>> ${log_file}
echo "" &>> ${log_file}
mail -s "System Log" 1605227279@qq.com < ${log_file}
rm ${log_file}
sync
sync
exit
aixiao@aixiao.me aixiao@aixiao.me
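Review bot: In run(), the loop `for i in ${ip_address[@]}` hands every token extracted from the `rhost=` field of /var/log/auth.log straight to `/sbin/iptables -I INPUT -s $i -j DROP`, unquoted and unvalidated. That field is log text produced on behalf of remote clients and is selected by position (`$14`), so a hostname or a shifted field could end up as the `-s` argument, and every run inserts another rule for a source that is already blocked. I would accept only an IPv4 literal, quote it, and skip sources that already have a DROP rule. An exemption for the administrator's own addresses may also be worth adding, so that reaching the `num=9` failure threshold cannot cut off management access.

```shell
# … unchanged: auth.log parsing that fills $ip and ip_address …
for i in ${ip_address[@]} ; do
    # rhost= is taken from log text: accept only a dotted-quad IPv4 literal
    [[ "$i" =~ ^([0-9]{1,3}\.){3}[0-9]{1,3}$ ]] || continue
    # do not stack a second rule for a source that is already dropped
    /sbin/iptables -C INPUT -s "$i" -j DROP 2>/dev/null && continue
    /sbin/iptables -I INPUT -s "$i" -j DROP
done
# … unchanged: iptables-save, report, mail …
```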