r1 - 25 Mar 2010 - 16:35:27 - GunmoRyuYou are here: KoreaCmsWiki > 
Sandbox Web > TWikiUsers > GunmoRyu > GunmoRyuSandbox > 2010March > IP_Block
Sandbox Web > TWikiUsers > GunmoRyu > GunmoRyuSandbox > 2010March > IP_Block
#!/usr/bin/env python
import os, urllib
os.system("cat /var/log/secure | grep 'Failed' > /root/failed.log")
os.system("cat /var/log/secure | grep 'Invalid user' > /root/invalid.log")
file = open('/root/invalid.log')
number_of_limit = 30
invalid = file.readlines()
list_of_ip = {}
for line in invalid :
line= line.strip()
tt = line.split(' from ')[-1]
if list_of_ip.has_key( tt ) is False :
list_of_ip[tt] = 1
else :
list_of_ip[tt] = list_of_ip[tt]+1
file.close()
file = open('/root/failed.log')
failed = file.readlines()
for line in failed :
line = line.strip()
tt = line.split(' from ')[-1]
tt = tt.split(' port ')[0]
if list_of_ip.has_key( tt ) is False :
list_of_ip[tt] = 1
else :
list_of_ip[tt] = list_of_ip[tt]+1
for list in list_of_ip.keys() :
if list_of_ip[list]> number_of_limit :
print list, list_of_ip[list]
cmd = '/sbin/iptables -A INPUT -s '+list+' -j DROP'
os.system(cmd)
os.system("service iptables save")
-- GunmoRyu - 25 Mar 2010
Sandbox Web
Create New Topic
Index
Search
Changes
Notifications
Statistics
Preferences
TWiki Tip of the Day
Custom rendered bullets
The RenderListPlugin can render bulleted lists in a variety of different ways. Use %RENDERLIST{ parameters ... Read on
The RenderListPlugin can render bulleted lists in a variety of different ways. Use %RENDERLIST{ parameters ... Read on
Detector |
|
Copyright © by the contributing authors. All material on this collaboration platform is the property of the contributing authors. Ideas, requests, problems regarding KoreaCmsWiki? Send feedback