44 lines
989 B
Bash
44 lines
989 B
Bash
|
#!/bin/sh
|
||
|
|
||
|
# Parse multiple fail2ban log files to list all the IP that should be banned.
|
||
|
# The log files comes from many different host and we want a big block list.
|
||
|
|
||
|
# The block list to create
|
||
|
blk_list='/tmp/blk_list'
|
||
|
|
||
|
log_path='/var/log/clients/fail2ban'
|
||
|
|
||
|
rm -f "${blk_list}" && touch "${blk_list}"
|
||
|
|
||
|
# Log files to analyze
|
||
|
for log_file in $(find ${log_path} ! -iname "*.gz" -type f); do
|
||
|
|
||
|
#printf 'Analyze %s file\n' "${log_file}"
|
||
|
|
||
|
# Analyze the lines of this log file
|
||
|
while read -r line; do
|
||
|
|
||
|
#printf 'l: %s\n' "${line}"
|
||
|
# SAME
|
||
|
#awk '{print $"$line"}'
|
||
|
|
||
|
action=$(echo $line | awk '{ print $8 }')
|
||
|
ip=$(echo $line | awk '{ print $NF }')
|
||
|
|
||
|
case $action in
|
||
|
"Ban" )
|
||
|
printf '%s\n' "${ip}" >> "${blk_list}"
|
||
|
;;
|
||
|
"Unban" )
|
||
|
#printf 'Unban %s\n' "${ip}"
|
||
|
sed -i '/'"${ip}"'/d' "${blk_list}"
|
||
|
;;
|
||
|
esac
|
||
|
|
||
|
done < "${log_file}"
|
||
|
|
||
|
#printf 'Last action: %s\n' $action
|
||
|
#printf 'Last IP: %s\n' $ip
|
||
|
|
||
|
done # End for log_file
|