Le Mardi 21 Novembre 2006 15:38, David De Rosa a écrit :
#! /bin/sh
# clam-ip-drop.sh
ip=`tail -n 4 /var/log/httpd/error_log | grep virus daemon | grep -v
cannot
create | cut -d -f8-8 | cut -d ] -f1-1`;
date=`date`;
iptables -n -L INPUT /tmp/iptList
for i in $ip ; do
while read
On Wed, 15 Nov 2006 at 1:54:13 +0100, Laurent Besson wrote:
First i wrote this script (name clam-ip-drop.sh)
#! /bin/sh
ip=`cat /var/log/httpd/error_log | grep virus daemon | cut -d -f8-8 |
cut -d ] -f1-1`;
date=`date`;
for i in $ip ; do
echo $date. Drop de l'IP : $i
Le Mercredi 15 Novembre 2006 19:50, Tomasz Papszun a écrit :
Hopefully the user running Apache or ClamAV is not root, hence it can't
modify iptables' rules.
: So stupide I am !!!
Clamav with user clamav
Apache with... apache...
So now my script works good with crontab !
Hi,
If my english is not realy good, it's because I'm french ! :)
I'm using apache-2.0.54 with mod_clamav (ClamAV 0.88.5). This mod use clamd...
Is it possible to use VirusEvent to drop IP like :
VirusEvent /sbin/iptables -I INPUT -s %c -j DROP
Where %c could be the client (IP)... like in
Le Mercredi 15 Novembre 2006 01:40, vous avez écrit :
Hi,
First i wrote this script (name clam-ip-drop.sh)
#! /bin/sh
ip=`cat /var/log/httpd/error_log | grep virus daemon | cut -d -f8-8 |
cut -d ] -f1-1`;
date=`date`;
for i in $ip ; do
echo $date. Drop de l'IP : $i