[nzlug] Firewall Script
Daniel Lawson
daniel at meta.net.nz
Thu Sep 20 14:59:59 NZST 2007
> Basically, what I want to do, is have a script that runs 10min'ly, and looks at my SSH logs, if it sees more than 3 'invalid user' entries from one IP, or that said IP didnt pass an identification string on connect, to check and see if that IP is currently entered into iptables, and if it is not, to run the iptables command to block it.
>
> Its been a while since ive written any bash scripts, let alone had them parse files, so would appreciate some help writing this script.
>
You could also denyhosts, which manages your /etc/hosts.deny file to
deny access based on similar principles.
http://denyhosts.sourceforge.net/
More information about the NZLUG
mailing list