• We’re currently investigating an issue related to the forum theme and styling that is impacting page layout and visual formatting. The problem has been identified, and we are actively working on a resolution. There is no impact to user data or functionality, this is strictly a front-end display issue. We’ll post an update once the fix has been deployed. Thanks for your patience while we get this sorted.

Help with an iptables script and the Code Red worm.

A

Ace69

Senior member
I have found a script that will log all IPs that try to attack me with the Code Red worm. I want to be able to be able to set up a script that will let me input all of the IPs that I obtain and input them into a banlist of some kind. Something like this command, iptables -A INPUT -s XXX.XXX.XXX.XXX -j DROP. I want to be able to automatically input all of the IPs that I found and put them into the XXX.XXX.XXX.XXX field. Does anyone know of an easy way to do this?

I think this may take a bit because I know nothing about shell scripting and I am just learning the iptables commands.
 
Best I can say is to grep the log file for hits, then use another script (or the same script) to put a rule in. For checking my IPF logs for code red I use:

grep ",80" /var/logs/ipflog

 


<< Best I can say is to grep the log file for hits, then use another script (or the same script) to put a rule in. For checking my IPF logs for code red I use:

grep ",80" /var/logs/ipflog >>



I have already gotten the lines out, but I just needed to create a ban list of some kind. I would need to go step by step instructions or a simply little script would have to be given to me. 🙂

I downloaded the perl script, Dahitman. I will give it a try.



 
You must log in or register to reply here.

TRENDING THREADS

Back
Top