Scripting fun...

Bart Silverstrim bsilver at chrononomicon.com
Thu Jun 5 17:04:59 UTC 2008


Here's the total of what I was doing, so I'll just post this for the 
people who know what they're doing to laugh at.

I want to take a particular string and search through apache's access 
log, and every IP trying to retrieve a file of that name (or string) I 
want to block it in iptables.

This is very rough and I was doing it in stages as I tested it, as I 
barely speak any scripting language, so I'm aware it's extremely amateur.

In this version I was searching for the word slurp, which is in the 
Yahoo web crawlers. The end effect is that it should add IPs from Yahoo 
not already in the iptables to the iptables drop list.

Constructive feedback welcome and if someone can spot why it's not 
working right I'd really appreciate the explanation!

#!/bin/sh

grep -i slurp /var/log/apache-perl/access.log |awk '{print$1}' > ~/temp/tmp.txt
sort ~/temp/tmp.txt > ~/temp/tmp2.txt
uniq ~/temp/tmp2.txt > ~/temp/slurps.txt

iptables -L INPUT -v -n |awk '{print$8}' |grep '[0-9]' > ~/temp/blocked.txt

diff -y ~/temp/slurps.txt ~/temp/blocked.txt |grep '[>]'|awk '{print$2}' > ~/temp/newaddresses.txt

for i in `cat ~/temp/newaddresses.txt`
do
	iptables -A INPUT -s $i -j DROP
done
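
Added example, not part of the original post: in `diff -y` output the `>` marker flags lines that appear only in the second file, so the pipeline above selects addresses that are already in blocked.txt. The sketch below computes "in the log but not yet blocked" with `comm -23` on sorted sets instead, and prints the rules rather than applying them. The function names and the sample log and rule listing are constructed for illustration.

```shell
#!/bin/sh
# Added example: set difference with comm instead of diff -y.
LC_ALL=C; export LC_ALL   # sort and comm must agree on collation

# Unique, well-formed IPv4 client addresses from log lines on stdin matching $1.
log_ips() {
    grep -i -- "$1" | awk '{print $1}' |
        grep -E '^([0-9]{1,3}\.){3}[0-9]{1,3}$' | sort -u
}

# Source addresses of DROP rules, from `iptables -L INPUT -v -n` output on stdin.
blocked_ips() {
    awk '$3 == "DROP" {print $8}' | sort -u
}

# Lines only in sorted file $1 (seen in log) and not in sorted file $2 (blocked).
new_ips() {
    comm -23 "$1" "$2"
}

# Constructed sample data (documentation address ranges), not real traffic.
sample_log() {
cat <<'EOF'
203.0.113.7 - - [05/Jun/2008:12:00:01 +0000] "GET /a HTTP/1.0" 200 512 "-" "Mozilla/5.0 (compatible; Yahoo! Slurp)"
198.51.100.4 - - [05/Jun/2008:12:00:02 +0000] "GET /b HTTP/1.0" 200 128 "-" "Mozilla/5.0 (compatible; Yahoo! Slurp)"
192.0.2.10 - - [05/Jun/2008:12:00:03 +0000] "GET /a HTTP/1.0" 200 512 "-" "Mozilla/5.0 (X11; Linux)"
203.0.113.7 - - [05/Jun/2008:12:00:04 +0000] "GET /c HTTP/1.0" 200 64 "-" "Mozilla/5.0 (compatible; Yahoo! Slurp)"
EOF
}
sample_rules() {
cat <<'EOF'
Chain INPUT (policy ACCEPT 120 packets, 9000 bytes)
 pkts bytes target     prot opt in     out     source               destination
   10   600 DROP       all  --  *      *       203.0.113.7          0.0.0.0/0
EOF
}

# Print (do not run) the rules that would be added for the sample data.
plan() {
    tmp=$(mktemp -d) || return 1
    sample_log | log_ips slurp > "$tmp/want"
    sample_rules | blocked_ips > "$tmp/have"
    new_ips "$tmp/want" "$tmp/have" |
        sed 's/^/iptables -A INPUT -s /; s/$/ -j DROP/'
    rm -rf "$tmp"
}
plan
```

Against a live system, feed `log_ips` from the access log and `blocked_ips` from `iptables -L INPUT -v -n`, and review the printed rules before running them as root.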



