weeheavy/scripts
1
0
Fork 0
Code Pull requests Activity

beef up iptables-show-recent, limit output

Browse source
This commit is contained in:
Oliver Ladner 2017-01-12 21:45:05 +01:00
commit b50c37b3ef
1 changed files with 6 additions and 2 deletions
Download patch file Download diff file Expand all files Collapse all files

8
iptables-show-recent.sh
View file

@ -7,9 +7,13 @@
# - iptables with rules for the "recent" module # - iptables with rules for the "recent" module
# - Shell cmds: geoiplookup # - Shell cmds: geoiplookup
top=30
echo "Top $top recent IP addresses:"
echo -e "Count\tIP\t\tCountry"
for ip in $(cat /proc/net/xt_recent/DEFAULT | awk {'print $1'} | sed 's/src=//'); do for ip in $(cat /proc/net/xt_recent/DEFAULT | awk {'print $1'} | sed 's/src=//'); do
IP=$(geoiplookup $ip | sed 's/GeoIP Country Edition:.*, //') IP=$(geoiplookup $ip | sed 's/GeoIP Country Edition:.*, //')
if [[ "$IP" =~ "IP Address not found" ]]; then IP="n/a"; fi if [[ "$IP" =~ "IP Address not found" ]]; then IP="n/a"; fi
COUNT=$(cat /proc/net/xt_recent/DEFAULT | grep "$ip" | awk {'print $7'}) COUNT=$(cat /proc/net/xt_recent/DEFAULT | grep "$ip" | awk {'print $7'})
echo -e "$COUNT\t$ip\t($IP)" echo -e "$COUNT\t$ip\t$IP"
done | sort -rn done | sort -rn | head -$top