Current location

narf Source control manager Git

summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorshtrom <shtrom@1991c358-8f32-0410-a49a-990740bdf4c2>2010-06-27 09:27:11 +0000
committershtrom <shtrom@1991c358-8f32-0410-a49a-990740bdf4c2>2010-06-27 09:27:11 +0000
commitc32716ce985e445a09f301aea5ca5362e2dd5f36 (patch)
treee24b8800aeed9a35fc40338e8eb3de69a1f12c6f /openbsd
parent6b66bdbcc1c2f178e1bb3a9ec0729c37979cd9b2 (diff)
[OpenBSD-DenyHosts] Recurse once to get the networks WHOIS information.
git-svn-id: svn+ssh://scm.narf.ssji.net/svn/shtrom/scripts@809 1991c358-8f32-0410-a49a-990740bdf4c2
Diffstat (limited to 'openbsd')
-rwxr-xr-xopenbsd/denyhost.sh10
1 files changed, 8 insertions, 2 deletions
diff --git a/openbsd/denyhost.sh b/openbsd/denyhost.sh
index 09d1586..9dacf15 100755
--- a/openbsd/denyhost.sh
+++ b/openbsd/denyhost.sh
@@ -20,8 +20,7 @@ TMP_DIR=/var/tmp
NEW_BLOCKERS_FILE=`mktemp ${TMP_DIR}/blockers.list.XXXXXX`
DEST_ADDR=root@distant-sun.narf.ssji.net
-#MAIL=mail
-MAIL=cat
+MAIL=mail
function process_ip
{
@@ -38,6 +37,13 @@ function process_ip
grep $IP $AUTHLOG | grep -v "Received disconnect" > $LOGIN_FILE
LOGINS=`gsed -n "s/.*sshd\[[0-9]\+\]: \(Invalid user\|Failed password for\( invalid user\)\?\) \([^[:space:]]\+\) from.*/\3/p" $LOGIN_FILE | \
sort | uniq | gsed ':a N;s/\n/, /g; ta'`
+ if [ -z "$ABUSE" ]; then
+ NETS=`gsed -n "s/.*\(NET-[-0-9]\+\).*/\1/p" $WHOIS_FILE`
+ for NET in $NETS; do
+ whois $NET >> $WHOIS_FILE
+ done
+ ABUSE=`extract_email $WHOIS_FILE`
+ fi
if [ ! -z "$ABUSE" ]; then
(
cat << EOF