I have iplist.txt containing a list of IPs I want to ban (one per line, extracted from a file.log and matching a certain condition, like 3 or more accesses); I want to check, for each IP in iplist.txt, whether it is already in iptables or not, via its presence or absence in file.dump (the iptables rules I've exported with iptables-save > file.dump):
iplist.txt
123.123.123.123
234.234.234.234
222.111.222.111
...
file.dump
-A INPUT -s 123.123.123.123/32 -j DROP
-A INPUT -s 111.222.111.222/32 -j DROP
-A INPUT -s 234.234.234.234/32 -j DROP
-A INPUT -s 126.127.126.127/32 -j DROP
...
bash script which checks in a 30-second loop:
#!/bin/bash
while [ 1 = 1 ]
do
# checking the presence or not of each ip I want to ban from iplist.txt, in file.dump
ip2ban=$(cat iplist.txt)
for i in $ip2ban
do
ipcheck=$(egrep -o "$ip2ban" file.dump)
if [ -z "$ipcheck" ]
# if $ip2ban is not present in file.dump
then
echo "$ip2ban is NOT in file.dump file then I BAN IT!"
# command to ban via iptables here
sleep 1
else
# if $ip2ban is already present in file.dump
echo "$ip2ban is in file.dump then I do nothing and continue!"
sleep 1
fi
sleep 30
done
done
exit
It is not working, as it seems to check the whole content of iplist.txt at once, not each line after the previous one!?
I got this:
123.123.123.123
234.234.234.234
222.111.222.111 is in file.dump then I do nothing and continue!
but I should get this:
123.123.123.123 is in file.dump then I do nothing and continue!
234.234.234.234 is in file.dump then I do nothing and continue!
222.111.222.111 is NOT in file.dump file then I BAN IT!
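A corrected version of the check, as an added example that is not the poster's script: it reads the list one line at a time, tests the current IP (the loop variable, `$i` in the question, instead of the whole `$ip2ban` list) and matches the literal rule text with `grep -F` so one address cannot match part of another. The sample files are constructed to mirror the question, and the rule format assumed is the `-A INPUT -s x.x.x.x/32 -j DROP` form shown in the dump above.

```shell
#!/bin/bash
# Added example (not the original poster's script): one-IP-at-a-time check
# against an iptables-save dump. Assumes rules look like the dump above:
#   -A INPUT -s 1.2.3.4/32 -j DROP

# Return 0 if $1 already has a DROP rule in dump file $2, 1 otherwise.
# grep -F matches the literal string (dots are not regex wildcards) and
# the surrounding "-s ... /32 -j DROP" text keeps 1.2.3.4 from matching
# 11.2.3.45 or 1.2.3.40.
is_banned() {
    grep -qF -- "-A INPUT -s $1/32 -j DROP" "$2"
}

# Walk list file $1 line by line (not "$(cat ...)" expanded all at once)
# and print one decision per IP. The real ban command would go where
# the BAN line is printed; here we only report.
check_list() {
    while IFS= read -r ip; do
        [ -z "$ip" ] && continue          # skip blank lines
        if is_banned "$ip" "$2"; then
            echo "SKIP $ip already in $2"
        else
            echo "BAN  $ip not in $2"
        fi
    done < "$1"
}

# Constructed sample input matching the question's files (returns a temp dir).
make_samples() {
    dir=$(mktemp -d)
    printf '%s\n' 123.123.123.123 234.234.234.234 222.111.222.111 > "$dir/iplist.txt"
    for ip in 123.123.123.123 111.222.111.222 234.234.234.234 126.127.126.127; do
        printf '%s\n' "-A INPUT -s $ip/32 -j DROP"
    done > "$dir/file.dump"
    echo "$dir"
}

# Periodic loop as in the question; refresh the dump each round so the
# check sees rules added since the last pass. Not invoked here.
main() {
    while true; do
        iptables-save > file.dump
        check_list iplist.txt file.dump
        sleep 30
    done
}
```

Call `main` (as root, since it runs iptables-save) to get the 30-second loop; `is_banned` and `check_list` work on any dump file without root.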