[SAC] ProjectsVM Upgrade Problem
Martin Spott
Martin.Spott at mgras.net
Thu Feb 9 13:40:35 EST 2012
On Thu, Feb 09, 2012 at 06:52:01PM +0100, Martin Spott wrote:
> Just an ugly hack for demonstrating what I was having in mind - don't
> use this in production .... !!
Logic error, try this - even uglier, but more functional:
#!/bin/bash
#
LOGFILE=${1}
NETSTAT=/bin/netstat
IFCONFIG=/sbin/ifconfig
IPTABLES=/sbin/iptables
INTERFACE=`${NETSTAT} -rn | awk '{print $2, $8}' | grep \^"0.0.0.0"|awk '{print $2}'`
MYIP=`${IFCONFIG} ${INTERFACE} | egrep -i " inet .*ad*r" | awk '{print $2}' | cut -f 2 -d \:`
CreateFilterList () {
for ENEMY in `egrep "\ \"GET http://" ${LOGFILE} | awk '{print $1 "#" $7}' | sort | uniq`; do
QUERYHOST=`echo ${ENEMY} | cut -f 2 -d \# | cut -f 3 -d \/`
QUERYIP=`host ${QUERYHOST} | awk '{print $4}'`
REMOTEHOST=`echo ${ENEMY} | cut -f 1 -d \#`
if [ "${REMOTEIP}" != ${MYIP} ]; then
echo "${IPTABLES} -I INPUT -j REJECT -i ${INTERFACE} -s ${REMOTEHOST}"
fi
done
}
CreateFilterList | sort | uniq
# EOF
We could simply run it on various logfile chunks of 1k lines as a test
and see if it makes a difference.
Cheers,
Martin.
--
Unix _IS_ user friendly - it's just selective about who its friends are !
--------------------------------------------------------------------------
More information about the Sac
mailing list