When jokers set up multiple PTRs, the script report was ugly, with the
additional PTR hostnames listed without IPs. I've filter for the lines to
start with a digit
#!/bin/sh
cp /dev/null /var/tmp/anvil_ptr.txt
egrep -i "Too frequent connections" /var/log/maillog |\
awk '{print $12}' | sort -rfn |\
uniq -i > /var/tmp/ghba.txt
for IP in `cat /var/tmp/ghba.txt` ; do
echo $IP
PTR=`dig -x $IP | awk '/IN PTR/{ print $5}'`
echo "$IP $PTR" >> /var/tmp/anvil_ptr.txt
done
egrep -i ^[0-9] /var/tmp/anvil_ptr.txt | sort -f | uniq -i >
/var/tmp/anvil_ptr_sort.txt
echo "IPs: /var/tmp/ghba.txt"
echo "report: /var/tmp/anvil_ptr_sort.txt"
exit 0
In case the IP list gets really big, somebody show us how the for statement
can read the IPs from a file rather than from `cat file`
Len
