From 862612a8e993afef01a6f797457c823430565d29 Mon Sep 17 00:00:00 2001
From: Oliver Ladner <waste@lugh.ch>
Date: Fri, 12 Apr 2013 11:21:39 +0200
Subject: [PATCH] added iptables recent tracking script

---
 iptables-show-recent.sh | 14 ++++++++++++++
 1 file changed, 14 insertions(+)
 create mode 100755 iptables-show-recent.sh

diff --git a/iptables-show-recent.sh b/iptables-show-recent.sh
new file mode 100755
index 0000000..f2a4169
--- /dev/null
+++ b/iptables-show-recent.sh
@@ -0,0 +1,14 @@
+#!/bin/bash
+# Author:  Oliver Ladner <oli@lugh.ch>
+# License: LGPL
+#
+# Shows recent connections tracked by the iptables "recent" module.
+# Requirements:
+# - iptables with rules for the "recent" module 
+# - Shell cmds: geoiplookup
+
+for ip in $(cat /proc/net/xt_recent/DEFAULT | awk {'print $1'} | sed 's/src=//'); do
+	IP=$(geoiplookup $ip | sed 's/GeoIP Country Edition:.*, //')
+	COUNT=$(cat /proc/net/xt_recent/DEFAULT | grep "$ip" | awk {'print $7'})
+	echo -e "$COUNT\t$ip\t($IP)"
+done | sort -rn