linux批量添加hosts访问权限

secure文件会记录来访者的登陆账号和ip,于是在多机器管理中我们就可以从中提取需要允许的ip进白名单。

#!/bin/sh
DENY="/etc/hosts.deny"
ALLOW="/etc/hosts.allow"

function run_only_once () {
awk -F "[ ]" '$6 == "Accepted" && $7=="password" && $2 >= "13" && $3 >= "17:42:57" {print "sshd:all EXCEPT",$11,"#",$9}' /var/log/secure* | sort | uniq | sort -n >${DENY}

##筛选出第6列为Accepted且第7列为password且第2列大于等于13且第3列大于等于某个时间点,打印出第9和11列,按顺序排列去重。
awk -F "[ ]" '$6 == "Accepted" && $7=="password" && $2 >= "13" && $3 >= "17:42:57" {print "sshd:",$11,"#",$9}' /var/log/secure* | sort | uniq | sort -n >${ALLOW}
}

function add_white_host () {
/usr/bin/chattr -i ${DENY} ${ALLOW}
echo "sshd:all EXCEPT $1 # $2" >>${DENY}
echo "sshd: $1 # $2" >>${ALLOW}
/usr/bin/chattr +i ${DENY} ${ALLOW}
}
add_white_host $1 $2

weinxin
聂扬帆博客
一个分享IT运维相关工作经验和实战技巧的个人博客

发表评论

:?: :razz: :sad: :evil: :!: :smile: :oops: :grin: :eek: :shock: :???: :cool: :lol: :mad: :twisted: :roll: :wink: :idea: :arrow: :neutral: :cry: :mrgreen: