scripting fun

Cameron Hutchison lists at
Fri Jun 6 22:51:06 UTC 2008

Bart Silverstrim <bsilver at> writes:

>So to be clear, the script I'm now using is...

>join -v2 \
>   <(iptables -L INPUT -n | grep DROP | awk '{print $4}' | sort -u) \
>   <(grep -i slurp /var/log/apache-perl/access.log |awk '{print $1}' | 
>sort -u) | \
>egrep '^([[:digit:]]+[.]){3}[[:digit:]]+$' |\
>while read ip; do
>   iptables -A INPUT -s $ip -j DROP

One more refinement I can see - grep piped into awk is redundant most of
the time.

The command pipeline:
  grep DROP | awk '{print $4}'
can be replaced with
  awk '/DROP/ {print $4}'

The second one:
  grep -i slurp .../access.log | awk '{print $1}'
is a little trickier since awk does not have a non-verbose
case-insensitive switch, so you have to do one of these:
  awk '/[Ss][Ll][Uu][Rr][Pp]/ {print $1}' .../access.log
  awk '/slurp/ {print $1}' IGNORECASE=1 .../access.log


More information about the ubuntu-users mailing list