[BlueOnyx:26297] Re: Saving APF Blacklist opens firewall
John Simpson
john at swajime.com
Thu Jun 15 08:03:46 -05 2023
FWIW: I've squelched my current issue with an awk command in a relatively
simple bash script:
#!/usr/bin/env bash
#
stdbuf -i0 -o0 -e0 tail -F /var/log/httpd/error_log | stdbuf -i0 -o0
-e0 sed 's/] \[/|/g;s/\[/|/g;s/\]/|/g' | stdbuf -i0 -o0 -e0 awk -F '|'
'/AH01630/ { match($5, /^client (.*):/, ip);print "banning " ip[1];
system("apf -d " ip[1] " banned wp hacker") }'
Now that the script is running, I no longer see bogus attempts to subscribe
via the webpages.
I would still appreciate knowing the correct/proper way to do the same via
BlueOnyx without going "under the hood".
Thanks!
John
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.blueonyx.it/pipermail/blueonyx/attachments/20230615/aedfd6b0/attachment.html>
More information about the Blueonyx
mailing list