Hey Guys,I have been working on a simple bash script that will read from it's standard input and presents some statistics from the logfile in realtime (when used with "tail -f .." ). After a few days that we have been attacked by spambots I got curious how to avoid these things in the future. The script we use is able to count the denied connections per IP and, if desired, adds this IP to the Firewall to reject incoming connections (brutal, I know). As the firewalling is optional you might still be interested in it to run just
to see what's going on.
It's written for BASH 3.0.15 but with a little change in the pattern matcher it runs on higher versions too. To start it in live mode run it like this:
tail -f /var/log/qmail/smtp/current | qmail_parser.sh and if you just want to scan some files and see what happened to this: cat /var/log/qmail/smtp/* | qmail_parser.shSince it's BASH it's not very good when it comes to performance but does the trick well when used with "tail". Also it's not catching everything (yet) since I was looking for only some very specific lines in the logfile. Anyhow, try it out and tell me what you think - attached the current script to this mail.
Cheers, Sebastian
qmail_parser.sh
Description: Bourne shell script
_______________________________________________ spamdyke-users mailing list spamdyke-users@spamdyke.org http://www.spamdyke.org/mailman/listinfo/spamdyke-users
