> -----Original Message----- > From: redhat-list-bounces@xxxxxxxxxx > [mailto:redhat-list-bounces@xxxxxxxxxx] On Behalf Of Shaw, Marco > Sent: Friday, August 05, 2005 7:31 AM > To: General Red Hat Linux discussion list > Subject: RE: script needed > > > I'd say something like this should work: > > > > #!/bin/bash > > > > IPADDRLIST=`tail -50 /var/log/messages | grep "<line > > pattern>" | awk '{print $<ip addr field number>}' | sort | uniq` > > > > for IPADDR in $IPADDRLIST > > do > > IPADDRCNT=`tail -50 /var/log/messages | grep "<line > > pattern>" | grep -c $IPADDR` > > > > if [[ $IPADDRCNT -ge 10 ]] > > then > > echo $IPADDR >> /etc/hosts.deny > > fi > > done > > For that last if statement, before echo'ing to the hosts.deny > file, I'd make sure the address(es) isn't/aren't already > listed. Otherwise, you file could grow and grow with the same IPs. > > Marco Thanks Marco for that (and for reminding me to bottom-post), Good point. I've changed it below. #!/bin/bash IPADDRLIST=`tail -50 /var/log/messages | grep "<line pattern>" | awk '{print $<ip addr field number>}' | sort | uniq` for IPADDR in $IPADDRLIST do IPADDRCNT=`tail -50 /var/log/messages | grep "<line pattern>" | grep -c $IPADDR` if [[ $IPADDRCNT -ge 10 ]] then EXISTS=`grep -c $IPADDR /etc/hosts.deny` if [[ $EXISTS -eq 0 ]] then echo $IPADDR >> /etc/hosts.deny fi fi done -- redhat-list mailing list unsubscribe mailto:redhat-list-request@xxxxxxxxxx?subject=unsubscribe https://www.redhat.com/mailman/listinfo/redhat-list
