Re: [Fail2ban-users] Fail2ban / postfix

Nick Howitt Sat, 17 Oct 2015 12:54:34 -0700

See in-line, but I'd need to check how to get awk to output to a file. I think you need to define an out_file in the awk script or redirect the output with a "> some.file" which f2b can then parse.

On 17/10/2015 20:42, Nicolas Repentin wrote:

Le 15/10/2015 10:17, Richard Mealing a écrit :

cat /var/log/maillog | grep "Junk" | cut -d ">" -f1 | cut -d "<" -f2 | while read rubbish ; do grep $rubbish /var/log/maillog ; done | grep postfix | cut -d ":" -f4 | while read messageid ; do grep $messageid /var/log/maillog ; done | grep smtpd

Hello

I got a good result with:

while true; do

cat /var/log/maillog | grep "Junk" | cut -d ">" -f1 | cut -d "<" -f2 | while read rubbish ; do grep $rubbish /var/log/maillog ; done | grep postfix | cut -d ":" -f4 | while read messageid ; do grep $messageid /var/log/maillog ; done | grep smtpd | awk '{print $NF}' |cut -d "[" -f2 |sed 's/\]//g'

sleep 60 # 60s or whatever
done

It give me the IP addresses :)

I now search how I can this loop in live all the time, to make fail2ban check the result log file, or maybe i will ask logrotate to generate the log when rotating.

Thanks :)
-- 
Nicolas Repentin
<[email protected]>
------------------------------------------------------------------------------
_______________________________________________
Fail2ban-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/fail2ban-users

------------------------------------------------------------------------------

_______________________________________________
Fail2ban-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/fail2ban-users

Re: [Fail2ban-users] Fail2ban / postfix

Reply via email to