parseip.pl
#!/usr/bin/perl
use strict;
use warnings;
use Regexp::Common qw /net/;
use IO::Prompter;
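# Ask which day of the Postfix journal to inspect; an empty answer means today.
# NOTE(review): -echo=>'' looks like it suppresses echo of the typed date --
# confirm that is intended for a non-secret value.
my $date_input = prompt "Enter a date, ex: Jan 01:", -echo=>'';
my $today = `date +"%b %d"`;
chomp($today);
if ($date_input eq '')
{
    $date_input = $today;
    print "No date specified, using today's date - $date_input.\n\n";
}

# Stringify once, in case prompt returned an object rather than a plain scalar.
my $date_filter = "$date_input";

# Shown for information only. The typed text is never handed to a shell:
# journalctl is started with an argument list and the date filter is applied
# here as a literal substring match, so quotes or shell metacharacters in the
# answer cannot alter the command that runs.
my $cmd = "journalctl -u postfix.service | grep -F '$date_filter'";
print "$cmd";

open(my $journal, '-|', 'journalctl', '-u', 'postfix.service')
    or die "Cannot run journalctl: $!\n";
my @output = grep { index($_, $date_filter) >= 0 } <$journal>;
close($journal)
    or warn "journalctl did not exit cleanly; the log dump may be incomplete\n";
chomp @output;

print "\n\nDumping log output: \n-------------------------------------------------------------------------------\n";

# $line stays declared at file scope; other parts of the script may refer to it.
my $line;
foreach $line (@output)
{
    print "$line\n";
}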
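# Extract the first IPv4 address of each log line into @ip_addresses.
#
# A line is only recorded when the pattern actually matched. Without that
# check $1 keeps the value of the previous successful match (or is undefined),
# so lines with no address would contribute a stale or empty entry.
#
# NOTE(review): mail log lines carry text supplied by the remote side
# (host names, HELO strings). The first dotted quad on a line is therefore not
# guaranteed to be the connecting client -- verify against the log format
# before treating the result as a block list.
my @ip_addresses = ();
foreach my $log_line (@output)
{
    if ($log_line =~ /$RE{net}{IPv4}{-keep}/)
    {
        push @ip_addresses, $1;
    }
}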
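print "-------------------------------------------------------------------------------\n\n\n";
print "Creating IPTables drop commands.\nAccessing IP whois reccords. Please wait, it may take a while.\n";

# For every distinct address: fetch its whois country and build an iptables
# DROP command carrying the country in a trailing comment.
# The commands are only printed, never executed; the addresses come from log
# content, so the list is meant to be reviewed before any rule is applied.
my %seen = ();
my @iptables_cmds = ();

foreach my $ipaddress (@ip_addresses)
{
    # Skip empty entries and addresses that were already handled.
    next unless defined $ipaddress;
    next if $seen{$ipaddress}++;

    # Run whois with an argument list (no shell) and keep the "country:"
    # lines; whois may return several of them, only the first is used.
    my @country_lines;
    if (open(my $whois, '-|', 'whois', $ipaddress))
    {
        @country_lines = grep { /country:/i } <$whois>;
        close($whois);    # a non-zero whois exit status is not fatal here
    }
    else
    {
        warn "Cannot run whois for $ipaddress: $!\n";
    }

    # whois output is remote data: accept only a two-letter code after
    # "country:" instead of the last two characters of the line, so trailing
    # whitespace or unexpected text cannot end up in the printed command.
    my $country = "No Country information available...";
    if (@country_lines && $country_lines[0] =~ /country:\s*([A-Za-z]{2})\b/i)
    {
        $country = $1;
    }

    # Put some warnings if the country is MK or US
    if (uc($country) eq 'MK' || uc($country) eq 'US')
    {
        $country .= ' | *** CAREFULL ***';
    }

    push @iptables_cmds,
        "iptables -I FORWARD -s $ipaddress -j DROP # Country: $country\n";
}

foreach my $cmd_line (@iptables_cmds)
{
    print "$cmd_line";
}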