fail2ban weekly report

Published 2017-01-08 (last modified 2018-11-01) by Bence G. Debnár, https://debnar.org/wp/?p=91
Category: server monitoring. Tags: cron, crontab, fail2ban, geoip, report, weekly

fail2ban is a daemon that continuously parses log files and, on suspicious activity, blocks the offending IP address at the firewall. Once I had it running, I wanted to know three things about it:

- that it works
- that it works **continuously**
- whom it is locking out.

Obviously it could be hooked into Nagios (Munin already has it out of the box, so continuous operation can be checked visually there), but then what would I use my webmail for :) ?

So I quickly looked for a fail2ban report script that runs weekly from cron. It works nicely, but it only prints the IP addresses; it would be good to know which country each one comes from, so I extended it a little. The original script is available at https://www.mopar4life.com/fail2ban-reporting/ ("fail2ban report script").

One thing to watch out for: scripts dropped into /etc/cron.weekly are executed by run-parts, which on Debian and its derivatives silently skips any file whose name contains a dot (only ASCII letters, digits, underscore and hyphen are accepted). So never install it as ~~fail2banweeklyreport.sh~~, but as fail2banweeklyreport.

fail2ban_weekly_report:

```sh
#!/bin/bash

# Weekly Fail2Ban Report
# Be sure to chmod +x the script to make it executable (and drop the .sh
# suffix if it lives in /etc/cron.weekly; run-parts ignores names with a dot)
# Original script by: https://www.mopar4life.com/fail2ban-reporting/
# Forked by Bence G. Debnár

set -u

FAIL2BAN_PATH="/var/log/fail2ban*"
LOGDIR="/var/backups/logs/fail2ban"
LOGFILE="$LOGDIR/$(date +%m%d%Y)_Fail2Ban_Report.log"
#LOGFILE="/tmp/testfail2ban.txt"
MAILTOADDRESS="emailaddress"
SUBJECT="$HOSTNAME Weekly Fail2Ban Report"

mkdir -p "$LOGDIR"

# Ban lines end with "[jail] Ban <ip>" in both the old (0.8) and the current
# fail2ban log format, so the jail and the IP are always the last fields.
# zgrep -h also reads the rotated, gzipped logs and drops the file-name prefix.
# Matching "] Ban " skips "Unban" and "Restore Ban" lines.
# $FAIL2BAN_PATH is deliberately unquoted so the wildcard expands.
ban_lines() {
    zgrep -h "] Ban " $FAIL2BAN_PATH
}

{
    date +%m/%d/%Y
    echo
    echo
    echo
    echo 'Most frequently banned IP addresses'
    echo '  Count IP Address'
    echo '_______________________________________'
    # show only the ten most problematic IP addresses
    # 1.1: now it shows the IP AND the country name
    # Reading "count ip" pairs line by line replaces the earlier read -a array,
    # which only ever captured the first line of the pipeline's output.
    ban_lines | awk '{print $NF}' | sort | uniq -c | sort -nr | head \
    | while read -r COUNT IPADDRESS; do
        # geoiplookup handles IPv4 only; geoiplookup6 is needed for IPv6 bans
        case "$IPADDRESS" in
            *:*) LOOKUP=geoiplookup6 ;;
            *)   LOOKUP=geoiplookup ;;
        esac
        # output is "GeoIP Country Edition: HU, Hungary"; keep from the 4th field on
        COUNTRY=$("$LOOKUP" "$IPADDRESS" | awk '{print substr($0, index($0,$4))}')
        echo "$COUNT $IPADDRESS ($COUNTRY)"
    done

    echo
    echo
    echo
    echo
    echo 'All banned IP addresses with service type'
    echo
    echo '_______________________________________'
    # Show what service the IP was banned from and how many times, for all log files including rotated ones
    # Sorts from high to low (using sort -nr); to sort low to high replace -nr with -n
    # Fields are taken from the end of the line ($NF = IP, $(NF-2) = jail), so the
    # result no longer depends on whether a file-name prefix is present
    # SAMPLE OUTPUT
    #      1 XXX.71.214.66 [ssh-iptables]
    #      1 XXX.62.36.219 [sendmail]
    #      2 XX.165.195.40 [vsftpd]
    ban_lines | awk '{print $NF, $(NF-2)}' | sort | uniq -c | sort -nr
} > "$LOGFILE"

# E-mail the file after completion (the redirection above has already
# finished writing it, so no sleep is needed)
mail -s "$SUBJECT" "$MAILTOADDRESS" < "$LOGFILE"
```
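Before pointing a report at /var/log/fail2ban*, it is worth checking that the aggregation counts only real ban events and survives both fail2ban log formats. The following is an added example, not code from the original post or from the mopar4life script: the report's two aggregations as shell functions that read fail2ban log lines from stdin, run over a constructed sample log. The function names (ban_lines, fail2ban_top_ips, fail2ban_by_jail, annotate_country, fail2ban_report) are my own, the sample lines are constructed with documentation addresses, and annotate_country assumes the legacy geoiplookup / geoiplookup6 tools from the geoip-bin package are on PATH (it passes lines through unchanged when they are not).

```shell
#!/usr/bin/env bash
# Added example (not from the original post or the mopar4life script).
# Jail and IP are taken relative to the END of each line ("[jail] Ban <ip>"),
# which works for the 0.8 format ("fail2ban.actions: WARNING [jail] Ban ip"),
# the current format ("fail2ban.actions [pid]: NOTICE [jail] Ban ip") and for
# IPv6 bans, instead of relying on absolute field numbers.

# Constructed sample log (RFC 5737 / RFC 3849 documentation addresses), not a
# real capture. It mixes both formats, an IPv6 ban, and Unban / Found /
# "Restore Ban" lines that a ban count must NOT include.
SAMPLE_LOG='2017-01-08 08:50:05,123 fail2ban.actions: WARNING [ssh-iptables] Ban 192.0.2.10
2017-01-08 08:51:07,001 fail2ban.actions: WARNING [sendmail] Ban 198.51.100.7
2017-01-08 09:00:00,500 fail2ban.actions        [1234]: NOTICE  [sshd] Ban 192.0.2.10
2017-01-08 09:00:01,500 fail2ban.actions        [1234]: NOTICE  [sshd] Ban 2001:db8::1
2017-01-08 09:05:00,000 fail2ban.actions        [1234]: NOTICE  [sshd] Unban 192.0.2.10
2017-01-08 09:06:00,000 fail2ban.filter         [1234]: INFO    [sshd] Found 203.0.113.9
2017-01-08 09:07:00,000 fail2ban.actions        [1234]: NOTICE  [sshd] Restore Ban 198.51.100.7
2017-01-08 09:10:00,000 fail2ban.actions        [1234]: NOTICE  [sshd] Ban 192.0.2.10
2017-01-08 09:11:00,000 fail2ban.actions        [1234]: NOTICE  [vsftpd] Ban 203.0.113.9'

# Keep only genuine ban events: "... [jail] Ban <address>" at the end of the
# line. "Unban", "Found" and "Restore Ban" (re-applied after a restart, which
# would double count) do not match because the word before the address or the
# field before "Ban" differs.
ban_lines() {
    awk '$(NF-1) == "Ban" && $(NF-2) ~ /^\[.*\]$/ && $NF ~ /^[0-9A-Fa-f.:]+$/'
}

# "<count> <ip>" for the N (default 10) most frequently banned addresses,
# highest first; ties are broken by address so the output is deterministic.
fail2ban_top_ips() {
    local limit="${1:-10}"
    ban_lines | awk '{print $NF}' | LC_ALL=C sort | uniq -c \
        | LC_ALL=C sort -k1,1nr -k2,2 | head -n "$limit" \
        | awk '{print $1, $2}'
}

# "<count> <jail> <ip>" for every jail/address pair, highest count first.
fail2ban_by_jail() {
    ban_lines | awk '{print $(NF-2), $NF}' | LC_ALL=C sort | uniq -c \
        | LC_ALL=C sort -k1,1nr -k2,2 -k3,3 \
        | awk '{print $1, $2, $3}'
}

# Append "(country)" to each "<count> <ip>" line with the legacy GeoIP CLI.
# Assumption: geoiplookup (IPv4) and geoiplookup6 (IPv6) from geoip-bin are on
# PATH; when the tool is missing the line is passed through unchanged.
annotate_country() {
    local count ip tool
    while read -r count ip; do
        case "$ip" in *:*) tool=geoiplookup6 ;; *) tool=geoiplookup ;; esac
        if command -v "$tool" >/dev/null 2>&1; then
            # output is "GeoIP Country Edition: HU, Hungary"; keep from the 4th field on
            printf '%s %s (%s)\n' "$count" "$ip" \
                "$("$tool" "$ip" | awk '{print substr($0, index($0, $4))}')"
        else
            printf '%s %s\n' "$count" "$ip"
        fi
    done
}

# Whole report, stdin -> stdout: the same two sections as the cron script.
fail2ban_report() {
    local log
    log=$(cat)
    echo 'Most frequently banned IP addresses'
    printf '%s\n' "$log" | fail2ban_top_ips 10 | annotate_country
    echo
    echo 'All banned IP addresses with service type'
    printf '%s\n' "$log" | fail2ban_by_jail
}

printf '%s\n' "$SAMPLE_LOG" | fail2ban_report
```

On the sample above the first section lists 192.0.2.10 three times and the other three addresses once each, and the second section shows that the same address was banned by two different jails; the Unban, Found and Restore Ban lines are not counted. To run it against a live host, replace the printf of SAMPLE_LOG with `zgrep -h "] Ban " /var/log/fail2ban* | fail2ban_report`.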