688
edits
Changes
From SME Server
Jump to navigationJump to searchPrint a summary of the fail2ban db
Line 409:
Line 409:
`- Banned IP list:
`- Banned IP list:
+====Print a summary of the fail2ban db====
+ mkdir -p /root/bin
+ vi /root/bin/bansummary.sh
+Paste this
+ <nowiki>#!/bin/bash
+echo -e \
+"IP \t"\
+"BanTime \t"\
+"UnbanTime \t"\
+"Jail"
+
+for ban in $(db fail2ban show |awk -F\= ' $2=="ban" {print $1}');
+ do
+ IP=$(db fail2ban getprop $ban Host)
+ Bantime=$(date +"%F %T" -d @$(db fail2ban getprop $ban BanTimestamp))
+ UnBanTime=$(date +"%F %T" -d @$(db fail2ban getprop $ban UnbanTimestamp))
+ LastJail=$(zgrep -H "Ban $IP" $(find /var/log/fail2ban -type f -ctime -7) |tail -1 |awk '{print $6}')
+
+ printf "%-15s" "$IP"
+ echo -e "\t$Bantime\t$UnBanTime\t$LastJail"
+ done
+</nowiki>
+
+save, then make executable
+ chmod 755 /root/bin/bansummary.sh
+
+Usage:
+ bansummary.sh
+Output:
+ <nowiki>IP BanTime UnbanTime Jail
+46.246.39.228 2017-09-09 18:45:00 2017-09-10 18:45:00 [http-scan]
+124.239.180.102 2017-09-09 12:07:32 2017-09-10 12:07:32 [http-scan]
+212.237.54.93 2017-09-09 19:27:32 2017-09-10 19:27:32 [http-scan]
+</nowiki>
[[Category: Contrib]]
[[Category: Contrib]]
[[Category: Security]]
[[Category: Security]]
