Current location

narf Source control manager Git

summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorshtrom <shtrom@1991c358-8f32-0410-a49a-990740bdf4c2>2009-05-30 14:21:28 +0000
committershtrom <shtrom@1991c358-8f32-0410-a49a-990740bdf4c2>2009-05-30 14:21:28 +0000
commitcb23108c9222f81587bec164b36af816d55e2e60 (patch)
tree4f39a14a89c4c4156886cbcf22114bd85ea6e80f /openbsd
parent7cb4564de4b3bc3180444e3f8187c928b58effbf (diff)
[OpenBSD scripts] Better way to select invalid users entries.
git-svn-id: svn+ssh://scm.narf.ssji.net/svn/shtrom/scripts@550 1991c358-8f32-0410-a49a-990740bdf4c2
Diffstat (limited to 'openbsd')
-rwxr-xr-xopenbsd/denyhost.sh8
1 files changed, 2 insertions, 6 deletions
diff --git a/openbsd/denyhost.sh b/openbsd/denyhost.sh
index 5c5f652..c324f93 100755
--- a/openbsd/denyhost.sh
+++ b/openbsd/denyhost.sh
@@ -11,7 +11,7 @@ TMP_DIR=/var/tmp
NEW_BLOCKERS_FILE=`mktemp ${TMP_DIR}/blockers.list.XXXXXX`
DEST_ADDR=root@distant-sun.narf.ssji.net
-SSH_INVALID_USERS=`grep 'Invalid user' $AUTHLOG | awk '{ print $10 }' | sort -u`
+SSH_INVALID_USERS=`sed -n "s/.*Invalid user .* from //p" $AUTHLOG | sort -u`
for iu in $SSH_INVALID_USERS; do
num=`grep $iu $AUTHLOG | grep 'Invalid user' | wc -l`
@@ -20,8 +20,6 @@ for iu in $SSH_INVALID_USERS; do
fi
done
-cat ${TMP_DIR}/invalid_users.list | sort -u > ${TMP_DIR}/invalid_users.list
-
SSH_FAILED_PASSWORD=`grep 'Failed password for' $AUTHLOG | grep -v 'invalid user' | awk '{ print $11 }' | sort -u`
for fp in $SSH_FAILED_PASSWORD; do
@@ -31,9 +29,7 @@ for fp in $SSH_FAILED_PASSWORD; do
fi
done
-cat ${TMP_DIR}/failed_passwords.list | sort -u > ${TMP_DIR}/failed_passwords.list
-
-cat ${TMP_DIR}/invalid_users.list ${TMP_DIR}/failed_passwords.list | sort -u > $NEW_BLOCKERS_FILE
+sort -u ${TMP_DIR}/invalid_users.list ${TMP_DIR}/failed_passwords.list -o $NEW_BLOCKERS_FILE
pfctl -t kiddies -vTshow | grep -v Cleared | sed "s/ //g" | sort -n > ${TMP_DIR}/blockers.list
for IP in `grep -v -f ${TMP_DIR}/blockers.list $NEW_BLOCKERS_FILE`; do