>I could not get the 'dig' line to work as posted Len so I changed it
>just a little.
>
>PTR=`dig -x $IP | grep -v ";" | grep PTR | awk '{ print $5}'`
The "dig -x" default query differs between versions: dig8 asks ;;QUESTION ANY, while dig9 asks ;;QUESTION PTR.
Also, I fixed a problem that shows up when some jerk publishes multiple PTRs for one address (only the first one is used).
ghba.sh:
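#!/bin/sh
# ghba.sh - summarise Postfix anvil "Too frequent connections" warnings per
# client IP, together with the first PTR name dig returns for each address.
#
# Reads:   /var/log/maillog
# Writes:  /var/tmp/anvil_ptr_sort.txt   (the finished report)
# Needs:   dig, postconf, mktemp
#
# Changes from the posted version:
#   * Working files live in a private mktemp directory instead of fixed names
#     in /var/tmp. This script normally runs with enough privilege to read the
#     mail log, and fixed names in a world-writable directory can be
#     pre-created by another local user (for example as symlinks).
#     ghba.txt and anvil_ptr.txt are therefore no longer left in /var/tmp.
#   * The field taken from the log is checked before it is handed to dig, and
#     is always quoted, so a malformed log line cannot add dig arguments.
#   * The count is read from the same line as the IP instead of being looked
#     up again with egrep "$IP", which treated the address as a regex
#     (1.2.3.4 also matched 11.2.3.40) and could return several counts.
#   * Redirections that the mail client had wrapped onto their own line are
#     rejoined; as posted they were shell syntax errors.

set -u

MAILLOG=/var/log/maillog
REPORT=/var/tmp/anvil_ptr_sort.txt

# Private scratch directory (mode 0700), removed on every exit path.
workdir=$(mktemp -d /var/tmp/ghba.XXXXXX) || exit 1
trap 'rm -rf -- "$workdir"' EXIT
trap 'exit 1' HUP INT TERM

counts=$workdir/ghba.txt
rows=$workdir/anvil_ptr.txt
report_tmp=$workdir/anvil_ptr_sort.txt

# init the output file
: > "$rows"

# One line per distinct value of log field 12: "<count> <address>".
# Field 12 is where the posted script expects the client address; adjust it
# if your syslog prefix has a different number of words.
grep -i "Too frequent connections" "$MAILLOG" | awk '{print $12}' |
  sort -fn | uniq -ic > "$counts"

while read -r CNT IP; do
  # Accept only characters that can occur in an IPv4/IPv6 literal. Anything
  # else came from a log line we do not understand and is skipped; the raw
  # value is deliberately not echoed to the terminal.
  case $IP in
    '' | *[!0-9A-Fa-f.:]*)
      echo "skipping a log field that is not an IP address" >&2
      continue
      ;;
  esac

  echo "IP = $IP"

  # Keep only the first PTR record. The name is whatever the owner of the
  # reverse zone publishes and is not forward-confirmed here, so treat it as
  # a hint in the report, not as proof of who the client is.
  PTR1=$(dig -x "$IP" </dev/null |
    awk '/^[0-9].*IN.*PTR/ { print $5; exit }')

  printf '%6s\t%-17s%-20s\n' "$CNT" "$IP" "$PTR1" >> "$rows"
done < "$counts"

# Build the report in the scratch directory first.
# NOTE(review): on newer Postfix releases the second parameter may be named
# anvil_rate_time_unit - confirm with `postconf` on your system.
{
  echo "================================================="
  echo " $(date)"
  echo " Quantity of anvil blocks per IP"
  echo " $(postconf smtpd_client_connection_rate_limit)"
  echo " $(postconf client_rate_time_unit)"
  echo "================================================="
  sort -f -k2 < "$rows"
} > "$report_tmp"

# Rename into place rather than writing through the fixed path, so an
# existing file or symlink with that name is replaced, not followed.
# The report keeps mktemp's owner-only permissions; chmod it afterwards if
# other accounts are meant to read it.
mv -f -- "$report_tmp" "$REPORT" || exit 1

echo " "
echo "IPs + PTR: $REPORT"
exit 0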
#######################3
Len