fix

2024-09-10 22:46:09 -06:00 · 2024-09-10 22:46:09 -06:00 · c3cf6c1180
commit c3cf6c1180
parent d3265031d7
2 changed files with 87 additions and 6 deletions
--- a/bots.txt
+++ b/bots.txt
@ -1635,3 +1635,83 @@
 47.128.118.184
 47.128.22.212
 47.128.40.82
 47.128.29.213
 47.128.99.244
 223.104.79.77
 47.128.41.147
 47.128.44.195
 47.128.97.152
 47.128.126.122
 47.128.25.103
 47.128.34.171
 69.171.249.116
 87.250.224.246
 173.252.87.23
 47.128.59.24
 213.180.203.185
 47.128.16.126
 47.128.38.79
 47.128.51.51
 47.128.124.229
 47.128.26.56
 47.128.35.96
 207.191.198.224
 47.128.22.183
 47.128.54.164
 47.128.57.201
 2a03:2880:22ff:74::face:b00c
 47.128.117.155
 47.128.17.133
 47.128.39.136
 47.128.62.139
 47.128.99.189
 1.46.202.198
 47.128.111.190
 47.128.52.39
 20.109.36.209
 47.128.28.220
 47.128.42.155
 47.128.45.170
 47.128.116.159
 47.128.118.244
 47.128.42.149
 17.241.227.80
 47.128.17.141
 47.128.18.135
 47.128.47.38
 47.128.47.43
 47.128.47.83
 73.89.173.228
 136.243.228.182
 17.22.237.135
 17.22.237.164
 17.22.237.190
 17.22.245.174
 17.22.245.240
 17.22.253.9
 17.241.219.48
 172.104.14.163
 40.77.189.71
 47.128.43.180
 47.128.52.85
 47.128.56.110
 54.36.148.181
 17.246.19.106
 17.246.23.250
 17.246.23.41
 17.246.23.67
 172.183.54.150
 119.8.10.84
 47.128.41.85
 40.77.167.35
 47.128.25.18
 47.128.53.119
 47.128.115.62
 47.128.44.26
 47.128.49.141
 47.128.114.240
 47.128.96.148
 47.128.99.50
 47.128.121.210
 47.128.17.121
 47.128.50.136
--- a/firewall2.sh
+++ b/firewall2.sh
@ -1,6 +1,6 @@
 #!/bin/bash
 MY_IP="47.5.112.50"
-ATTACK_THRESHOLD="75"
+ATTACK_THRESHOLD="50"
 SERVER_IP='192.168.0.55'
 NGINX_ACCESS="/tmp/access.log"
 #WIREGUARD=(51820)
@ -321,9 +321,10 @@ research(){
 		echo $MENU_TOP	
 		echo "                   [Researching $i]                  "
 		echo
-		grep $DATE $NGINX_LOG | grep $i | grep -Evi -f $SAFE_TRAFFIC 
+		DATA=$(grep $i $NGINX_LOG | grep -Evi -f $SAFE_TRAFFIC)
-		echo 
+		echo $DATA
-		echo "Count: $COUNT"
+		echo
 		echo "Count: $(echco $DATA | wc -l)"
 		echo $MENU_BOTTOM
 		echo	
 		read -p 'Press Enter to Continue ' -e 
@ -457,7 +458,7 @@ watch() {
 		module-wordpress "$i" "$DATE"
 		module-go "$i" "$DATE"
-		COUNT=$( grep $DATE $NGINX_ACCESS | grep $i | wc -l) 
+		COUNT=$( grep $DATE $NGINX_ACCESS | grep $i | grep -Evi -f $SAFE_TRAFFIC | wc -l) 
 		CHECK=$( cat $NFT_CACHE | sort -u | grep $i )
 		if [[ "$COUNT" -gt $ATTACK_THRESHOLD ]]; then
@ -465,7 +466,7 @@ watch() {
 			echo "$IP $CHECK $COUNT"
 				if [ "$CHECK" = "" ]; then
 					echo "Blocking IP: $i Count: $COUNT"
-					logger "Blocking IP: $i"
+					logger "Blocking IP: $i with a count of: $COUNT"
 					echo $i >> $TMP_BLOCK
 					$NFT add rule ip filter input ip saddr $i $NFT_DROP
 				else