Hello Maurice!
04 Dec 2019 02:11, Maurice Kinal wrote to Maurice Kinal:
MK> I see that we're back to the lameware (<- you know who you are)
MK> screwing up messages again. :::mutter, mutter, mutter:::
MK> Someone obviously knows no shame given the continual usage of pure,
MK> unadultered crap.
----- 00-abuse-port-1194.sh begins -----
#!/bin/sh
# grep ips in logs
grep DPT=1194 /var/log/messages | cut -d "=" -f 5 | cut -d " " -f 1 | sort -hu
>/tmp/abuse
# reset out file with header
echo "# abuse port 1194 begin" >/tmp/abuse.txt
# loop until done all
for i in $(cat /tmp/abuse)
do
echo "//" >>/tmp/abuse.txt
php /usr/local/sbin/asn.php ${i} >>/tmp/abuse.txt
grep "localhost kernel:" /var/log/messages | grep ${i} >>/tmp/abuse.txt
done
# add end header
echo "# abuse port 1194 end" >>/tmp/abuse.txt
# add all ips to the report
echo "# all ips begin" >>/tmp/abuse.txt
cat /tmp/abuse >>/tmp/abuse.txt
echo "# all ips end" >>/tmp/abuse.txt
# report to email in crontab
cat /tmp/abuse.txt
----- 00-abuse-port-1194.sh ends -----
life is borring :)
i got tired of abuse that is not in my custommers ip ranges, so maked shorewall
logs access if its outside of accept, then i have a sqlite asn db file to see
whois, its not open gate, i just monitor it, yes i have a openvpn server for
fun, where root CA is self signed
i post it here so i now have backup, lol
Regards Benny
... there can only be one way of life, and it works :)
--- Msged/LNX 6.1.2 (Linux/4.19.86-gentoo (x86_64))
* Origin: I will always keep a PC running CPM 3.0 (2:230/0)
|