This isn’t that difficult, but adding a lot of ip addresses through CSF’s command line can take a long time, especially when some/a lot of these ip addresses are already present. So this script checks /etc/csf/csf.deny for the ip addresses to be added and if it isn’t present already will add it through csf with the comment “Abuse”.
#!/bin/bash
###################################################################
# abuse.sh v1.0 #
# ip addresses in /usr/local/directadmin/data/admin/brute_ip.data #
# are added to /etc/csf/csf.deny with the comment Abuse when not #
# yet added. #
# (c)opyleft Take13 #
###################################################################
for IP in `cat /usr/local/directadmin/data/admin/brute_ip.data | awk -F = '{print $1}'` ; do
COUNT=`grep $IP /etc/csf/csf.deny | wc -l`
if [ "$COUNT" -ne 0 ] ; then
echo $IP" already in block list"
else
csf -d $IP Abuse
fi
done
Comments