Hi David,
Sorry try this instead...
-- snip --
#!/bin/sh
logf="/var/log/blacklist_ip.log"
mdate=`date +%c`
### must be root ###
if [ `whoami` != "root" ]; then
echo ""
echo "$0 must be ran as root"
echo ""
exit 1
fi
export PATH=/bin:/sbin:/usr/bin:/usr/sbin:/usr/local/bin:/usr/local/sbin
is_ip="grep -Ec
'^[1-2]?[0-9]?[0-9]\.[0-2]?[0-9]?[0-9]\.[0-2]?[0-9]?[0-9]\.[0-2]?[0-9]?[0-9](\/[0-3]?[0-9])?$'"
if [ `echo $1 |eval $is_ip` != "1" ]; then
echo "$mdate Error in IP address $1" >> $logf
else
echo "$1" >> /opt/spamdyke/etc/blacklist_ip
echo "$mdate now dropping all packets from $1" >> $logf
fi
--snip --
best wishes
Tony White
On 18/4/20 8:04 pm, Tony White wrote:
Hi David,
Try using this little script...
-- snip --
#!/bin/bash
logf="/var/log/blockip.log"
mdate=`date +%c`
mip=$1
### must be root ###
if [ `whoami` != "root" ]; then
echo ""
echo "$0 must be run as root"
echo ""
exit 1
fi;
if [ $mip == "--help" ]; then
echo "========================================"
echo "Help: Block single and subnet IP's"
echo "========================================"
echo "blockip 132.2.1.1"
echo "blockip 132.1.0/24"
echo "----------------------------------------"
exit 1
fi;
-- snip --
worked for me forever...
Use qtp watchall to monitor the logs and use th output to manually block ips or
subnets
If you need more hit me off list.
best wishes
Tony White
On 18/4/20 2:59 pm, David Bray wrote:
I can see I'm getting hammered on my smtps port
How can I mitigate this?
I can see the IP's in /var/log/qmail/smtps/current
*but where do I actually see that the smtp auth actually fails ?*
or do I need to increase the logging somewhere ?
if I tail -f /var/log/dovecot.log
I can see the imap and pop failures
thanks in advance
David Bray
0418 745334
2 ∞ & <
---------------------------------------------------------------------
To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
---------------------------------------------------------------------
To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com