BashScripts.org
http://bashscripts.org/forum/

Need to write a file before a process is killed
http://bashscripts.org/forum/viewtopic.php?f=16&t=1425

Author:  <<nixx>> [ Sat Jul 02, 2011 10:08 pm ]
Post subject:  Need to write a file before a process is killed

I'm trying to write a script that detects and blocks DoS attacks. Everything works but the file "file" is empty. That's because I kill the process before it writes the output to the file. I need a way to write the output to the file in real time. Here is the script:

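#!/bin/bash

# Local IPv4 address ($iface is not set in this script; if empty, ifconfig lists all interfaces).
MYIP=$(ifconfig ${iface} | grep 'inet' | cut -d: -f2 | cut -d " " -f1 | grep -v 127)
# Count packets per source and keep the sources with more than 250.
tcpdump -tn | awk -F "." '{print $1"."$2"."$3"."$4}' | sort | uniq -c | sort -nr | awk '$1 > 250' | grep -v "$MYIP" > file &
sleep 10
pkill tcpdump
AUX=$(cat file)
if [ "$AUX" ]
then
    # Each line of $AUX is "count IP address", so every third word is an address.
    i=0
    for IP in $AUX
    do
        if [ $i -eq 2 ]
        then
            iptables -I INPUT -s "$IP" -j DROP
            i=0
        else
            i=$((i + 1))
        fi
    done
    echo "DoS attack from:"
    echo $AUX
    echo "Sources blocked."
    rm file
    exit 2
else
    rm file
    exit 0
fi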

Author:  <<nixx>> [ Fri Jul 08, 2011 9:03 pm ]
Post subject:  Re: Need to write a file before a process is killed

It's solved, thanks anyway. Here is the solution:

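#!/bin/bash

# Local IPv4 address ($iface is not set in this script; if empty, ifconfig lists all interfaces).
MYIP=$(ifconfig ${iface} | grep 'inet' | cut -d: -f2 | cut -d " " -f1 | grep -v 127)
# Capture raw output to a plain file for 10 seconds, then analyse it afterwards.
tcpdump -tn > file &
sleep 10
pkill tcpdump
wait    # let tcpdump flush its output and exit before the file is read
AUX=$(cat file | awk -F "." '{print $1"."$2"."$3"."$4}' | sort | uniq -c | sort -nr | awk '$1 > 250' | grep -v "$MYIP")
if [ "$AUX" ]
then
    # Each line of $AUX is "count IP address", so every third word is an address.
    i=0
    for IP in $AUX
    do
        if [ $i -eq 2 ]
        then
            iptables -I INPUT -s "$IP" -j DROP
            i=0
        else
            i=$((i + 1))
        fi
    done
    echo "DoS attack from:"
    echo $AUX
    echo "Sources blocked."
    rm file
    exit 2
else
    rm file
    exit 0
fi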
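
Added example (not part of either post and not the poster's code): the same count-and-threshold check written as a pipeline that parses only `IP` lines, accepts a source only if it is a valid IPv4 dotted quad, excludes the local address by exact comparison instead of a substring `grep -v`, and bounds the capture with `timeout` so nothing is read before tcpdump has exited. The function names, the `APPLY` switch and the sample traffic are assumptions constructed for illustration; it goes slightly beyond the posts by also coping with ICMP, IPv6 and ARP lines.

```shell
#!/bin/bash
# Added example, not the poster's script; function names are hypothetical.
# Read `tcpdump -tn` text on stdin and print "count ip" for each IPv4 source
# seen more than $1 times, skipping our own address $2 by exact comparison.
top_talkers() {
    awk -v limit="$1" -v self="$2" '
        $1 == "IP" {
            n = split($2, p, ".")                 # a.b.c.d or a.b.c.d.port
            if (n != 4 && n != 5) next
            for (i = 1; i <= 4; i++)              # accept only octets 0-255
                if (p[i] !~ /^[0-9]+$/ || p[i] + 0 > 255) next
            src = p[1] "." p[2] "." p[3] "." p[4]
            if (src != self) hits[src]++
        }
        END { for (s in hits) if (hits[s] > limit + 0) print hits[s], s }
    ' | sort -nr
}

# Capture for $1 seconds. timeout(1) returns only after tcpdump has exited,
# so the reader sees complete output and no pkill/cat race remains.
capture() { timeout "$1" tcpdump -tn -l 2>/dev/null; }

# Consume "count ip" lines. Only prints the rule unless APPLY=1 is set.
block_sources() {
    while read -r count ip; do
        if [ "${APPLY:-0}" = 1 ]; then
            iptables -I INPUT -s "$ip" -j DROP
        else
            echo "would run: iptables -I INPUT -s $ip -j DROP ($count packets)"
        fi
    done
}

# Constructed sample in `tcpdump -tn` format (documentation address ranges).
sample_capture() {
    for i in 1 2 3 4 5; do
        echo "IP 203.0.113.7.4000$i > 192.0.2.10.80: Flags [S], length 0"
        echo "IP 192.0.2.10.80 > 203.0.113.7.4000$i: Flags [S.], length 0"
    done
    for i in 1 2 3 4; do
        echo "IP 192.0.2.100.5000$i > 192.0.2.10.22: Flags [S], length 0"
    done
    echo "IP 203.0.113.7 > 192.0.2.10: ICMP echo request, id 1, seq 1, length 64"
    echo "IP 198.51.100.4.53 > 192.0.2.10.33000: UDP, length 48"
    echo "IP6 2001:db8::1.443 > 2001:db8::2.50000: Flags [.], length 0"
    echo "ARP, Request who-has 192.0.2.1 tell 192.0.2.10, length 28"
}
# Live use (root): capture 10 | top_talkers 250 "$MYIP" | block_sources
sample_capture | top_talkers 3 192.0.2.10 | block_sources
```

On the constructed sample this keeps 192.0.2.100, which a substring `grep -v "192.0.2.10"` would have filtered out together with the local address.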

All times are UTC - 6 hours