On Thu, 21 Dec 2006, Adrian von Bidder wrote:
>
> The script is obviously not very release-quality (hardcoded path, little
> error handling etc.), but it basically just works.
I know what you mean ;-))
I just use this simple shell script called from cron, not very efficient
but it works...
#!/bin/sh
export
PATH=${PATH}:/usr/local/sbin:/usr/local/bin:/usr/bin:/usr/sbin:/bin:/sbin
export IFS="
"
LINES=`ntpdc -nc monlist | grep "\."`
for LINE in ${LINES}
do
IP=`echo -n ${LINE} | cut -d " " -f 1`
let COUNT=`echo -n ${LINE} | cut -c 48-53`
let AVG=`echo -n ${LINE} | cut -c 67-71`
if [ $COUNT -gt 500 ] && [ $AVG -lt 60 ]
then
if [ "`echo -n $IP | cut -c 1-7`" != "192.168" ] &&\
[ "`echo -n $IP | cut -c 1-7`" != "127.0.0" ] &&\
[ "`ipchains -nL inp | grep $IP`" = "" ]
then
echo $LINE
echo $IP $COUNT $AVG
/sbin/ipfwadm -I -a deny -S $IP
fi
fi
-Louis
_______________________________________________
timekeepers mailing list
[email protected]
https://fortytwo.ch/mailman/cgi-bin/listinfo/timekeepers
