feature/ss-instead-of-netstat #2
1 changed files with 12 additions and 3 deletions
|
@ -3,7 +3,7 @@
|
||||||
# #
|
# #
|
||||||
# Try and prevent apache overloads by banning IP addresses that have (too) #
|
# Try and prevent apache overloads by banning IP addresses that have (too) #
|
||||||
# many open connections. #
|
# many open connections. #
|
||||||
# This script uses netstat to determine the connections to a configurable port #
|
# This script uses ss to determine the connections to a configurable port #
|
||||||
# on the host machine and provides automated GeoIP information retrieval based #
|
# on the host machine and provides automated GeoIP information retrieval based #
|
||||||
# the address or the /24-, /16- or /8-subnet thereof. A GeoIP city- or country #
|
# the address or the /24-, /16- or /8-subnet thereof. A GeoIP city- or country #
|
||||||
# database must be installed separately and is provided to the script via a #
|
# database must be installed separately and is provided to the script via a #
|
||||||
|
@ -26,8 +26,8 @@
|
||||||
# - net-analyzer/fail2ban (`fail2ban-client`) #
|
# - net-analyzer/fail2ban (`fail2ban-client`) #
|
||||||
# - sys-apps/coreutils (`cut`, `id`, `sort`, `touch`, `tr`, `uniq`) #
|
# - sys-apps/coreutils (`cut`, `id`, `sort`, `touch`, `tr`, `uniq`) #
|
||||||
# - sys-apps/grep (`grep`) #
|
# - sys-apps/grep (`grep`) #
|
||||||
|
# - sys-apps/iproute2 (`ss`)
|
||||||
# - sys-apps/moreutils (`sponge`) #
|
# - sys-apps/moreutils (`sponge`) #
|
||||||
# - sys-apps/net-tools (`netstat`) #
|
|
||||||
# - sys-apps/util-linux (`getopt`) #
|
# - sys-apps/util-linux (`getopt`) #
|
||||||
# #
|
# #
|
||||||
################################################################################
|
################################################################################
|
||||||
|
@ -54,7 +54,7 @@ dependencies=(
|
||||||
"uniq" "sys-apps/coreutils"
|
"uniq" "sys-apps/coreutils"
|
||||||
"grep" "sys-apps/grep"
|
"grep" "sys-apps/grep"
|
||||||
"sponge" "sys-apps/moreutils"
|
"sponge" "sys-apps/moreutils"
|
||||||
"netstat" "sys-apps/net-tools"
|
"ss" "sys-apps/iproute2"
|
||||||
"getopt" "sys-apps/util-linux"
|
"getopt" "sys-apps/util-linux"
|
||||||
)
|
)
|
||||||
|
|
||||||
|
@ -468,6 +468,15 @@ banned="$(exec_as_root fail2ban-client get "${jail}" banip)"
|
||||||
|
|
||||||
# Determine the current connections to the desired port; store the raw data in
|
# Determine the current connections to the desired port; store the raw data in
|
||||||
# $fileraw.
|
# $fileraw.
|
||||||
|
magic=$(ss -HOn state established "( sport = :${port} )"|tr -s '[:blank:]'|cut -d' ' -f5)
|
||||||
|
|
||||||
|
ipv6mappedipv4="$(grep '^\[::ffff:' - < "${magic}")"
|
||||||
|
pureipv4="$(grep '^[^[]' - < "${magic}")"
|
||||||
|
|
||||||
|
echo "MAPPED: ${ipv6mappedipv4}"
|
||||||
|
echo "PURE: ${pureipv4}"
|
||||||
|
|
||||||
|
exit
|
||||||
netstat -nt | grep "${MY_IP}:${port}" | tr -s '[:blank:]' | cut -d' ' -f5 \
|
netstat -nt | grep "${MY_IP}:${port}" | tr -s '[:blank:]' | cut -d' ' -f5 \
|
||||||
| cut -d: -f1 | sort > "${fileraw}"
|
| cut -d: -f1 | sort > "${fileraw}"
|
||||||
|
|
||||||
|
|
Loading…
Reference in a new issue