the report shows:
qty_of_anvil_blocks IP PTR (if one exists)
Some awkhead can certainly do this a lot better. improvements welcome
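#!/bin/sh
# Summarise the "Too frequent connections" lines in /var/log/maillog as
#   <hit count>  <client IP>  <PTR name, if one exists>
# Files left behind, same names as before:
#   /var/tmp/ghba.txt            count + IP
#   /var/tmp/anvil_ptr.txt       unsorted report
#   /var/tmp/anvil_ptr_sort.txt  report sorted on the IP column

# /var/tmp is world-writable and this script needs enough privilege to read
# the mail log, so a fixed name there must never be opened for writing
# directly: a symlink planted under that name would redirect the write.
# Everything is built in a private mktemp directory and the finished files
# are renamed into place, which replaces a planted symlink rather than
# following it.
workdir=$(mktemp -d /var/tmp/anvil_ptr.XXXXXX) || exit 1
trap 'rm -rf -- "$workdir"' EXIT
trap 'exit 1' HUP INT TERM

counts=$workdir/ghba.txt
report=$workdir/anvil_ptr.txt
sorted=$workdir/anvil_ptr_sort.txt

# Field 12 of a matching line is taken to be the client address; that depends
# on the local syslog/Postfix line layout, so adjust it if the report is empty.
grep -i "Too frequent connections" /var/log/maillog | awk '{ print $12 }' |
  sort -fn | uniq -ic > "$counts"

: > "$report"

# Read count and address from the same line. Looking the count up again with
# a regex match on the address lets "1.2.3.4" also hit "11.2.3.45" (and "."
# match any character), which yields several counts for one address.
while read -r cnt ip; do
  [ -n "$ip" ] || continue
  printf '%s\n' "$ip"

  # The address comes out of a log that remote clients influence. Hand it to
  # dig only when it consists solely of address characters, so it can never be
  # read as an option or an @server argument; anything else is still reported,
  # just without a PTR lookup.
  case $ip in
    *[!0-9A-Fa-f.:]*)
      ptr=
      ;;
    *)
      # Match the answer line by field (name ttl IN PTR target) so it works
      # whether dig separates columns with tabs or spaces, and keep only the
      # first PTR so one address always gives exactly one report row.
      ptr=$(dig -x "$ip" |
        awk '$3 == "IN" && $4 == "PTR" && !n++ { print $5 }')
      ;;
  esac

  printf '%6s\t%-17s%-20s\n' "$cnt" "$ip" "$ptr" >> "$report"
done < "$counts"

# Overwrite rather than append, so rows from earlier runs do not pile up in
# the sorted report.
grep -E '^ *[0-9]' "$report" | sort -f -k2 > "$sorted"

mv -f -- "$counts" /var/tmp/ghba.txt &&
  mv -f -- "$report" /var/tmp/anvil_ptr.txt &&
  mv -f -- "$sorted" /var/tmp/anvil_ptr_sort.txt || exit 1

#echo "IPs: /var/tmp/ghba.txt"
echo "IPs + PTR: /var/tmp/anvil_ptr_sort.txt"
exit 0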