Commit | Line | Data |
---|---|---|
83610d8a MW |
1 | #! /bin/bash |
2 | ||
3 | set -e | |
4 | ||
5 | ## DNS DDOS victims. | |
6 | dns_victims=$( | |
7 | sed -n ' | |
8 | /^.*named.*client \([0-9]\+\.[0-9]\+\.[0-9]\+\.[0-9]\+\)#.*:.*view inet.*NS\/IN.*denied.*$/ s//\1/p | |
9 | ' /var/log/daemon.log | | |
10 | sort -u | | |
11 | while read addr; do | |
12 | if ! ipset -qT ddos-evil-dns "$addr"; then | |
13 | echo "$addr" | |
14 | fi | |
15 | done | |
16 | ) | |
17 | case "$dns_victims" in | |
18 | "") ;; | |
19 | *) | |
20 | echo 'DNS DDOS victim addresses:' | |
21 | ipset -N ddos-evil-dns iphash >/dev/null 2>&1 || : | |
22 | for addr in $dns_victims; do | |
23 | echo " $addr" | |
24 | ipset -A ddos-evil-dns "$addr" || : | |
25 | done | |
26 | ;; | |
27 | esac |