Bonjour,

Voici un script pour bannir les IP avec des échecs de connexion.

Code:
#!/bin/bash
# autoban ip from /tmp/warnings.tmp

# remove old ban

touch /tmp/blacklist.txt
while read ligne  
do  
    ip route del prohibit ${ligne}/32
done < /tmp/blacklist.txt

# gen blacklist

touch /tmp/warnings.tmp
cat /tmp/warnings.tmp | grep "Login Failed" | awk '{ print $5 }' | sort | uniq > /tmp/blacklist.txt

# add new ban

while read ligne  
do  
    ip route add prohibit ${ligne}/32
done < /tmp/blacklist.txt

rm -f cat /tmp/warnings.tmp
crontab pour lancer le script

Code:
5 */1 * * * root /root/ban_warnings.sh
lien