Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Running it through ip block #4

Open
pavs opened this issue Feb 3, 2016 · 5 comments
Open

Running it through ip block #4

pavs opened this issue Feb 3, 2016 · 5 comments

Comments

@pavs
Copy link

pavs commented Feb 3, 2016

I have couple of /22 ip block. Would it be possible to modify it to support ip block and then dump a summary?
@IntellexApps
Copy link
Owner

Maybe it would be a better option to create an additional script that will iterate over a list, which will generate summary? We might create it and add it to the repository, what do you think?

@pavs
Copy link
Author

pavs commented Feb 3, 2016

I think that would be awesome. I gave it a shot, but bash fu isn't that great.

Created a ip.txt files with each ip for each line.

Made a script (auto.sh) to run through the ip list like this:

while read ip ; do
    ./blacklist.sh $ip
done < block.txt

It does what it should but I can't seem figure out how to print out the summary.
I tried this:

./auto.sh > 12_temp.txt
grep -q 'Blacklisted:[ \t]*0$' 12_temp.txt || cat 12_temp.txt >> 12.txt
rm -f 12_temp.txt

But it doesn't seem to work, The idea was to isolate the ips that scanned positive on a blacklist.

@pavs
Copy link
Author

pavs commented Feb 3, 2016

ooh I think I found the solution.

New Script:

pavs@octopus:/var/www/html/test$ cat auto2.sh

while read ip ; do
        ./blacklist.sh -p $ip > result.txt
grep 'Blacklisted:[ \t]*0$' result.txt 
done < block.txt

Had two ip on the block.txt, one blacklisted one non blacklisted. Only the blacklisted one got written to txt file. Result:

pavs@octopus:/var/www/html/test$ sudo sh -x auto2.sh
+ read ip
+ ./blacklist.sh -p <non-blacklisted-ip>
+ grep Blacklisted:[ \t]*0$ result.txt
Blacklisted:   0
+ read ip
+ ./blacklist.sh -p <blacklisted-ip>
+ grep Blacklisted:[ \t]*0$ result.txt
+ read ip
pavs@octopus:/var/www/html/test$ cat result.txt
Warning: PTR lookup failed
b.barracudacentral.org : 127.0.0.2
bb.barracudacentral.org : 127.0.0.2
black.junkemailfilter.com : 127.0.0.2
dnsbl.justspam.org : 127.0.0.2
hostkarma.junkemailfilter.com : 127.0.0.2

----------------------------------------------------------
Results for <blacklistedip>

Tested:        117
Passed:        112
Invalid:       0
Blacklisted:   5
----------------------------------------------------------

I have 2500+ ips, if I run tem though one script, with an avg of 90 seconds per ip it will take a little more than 2 day (+6 hours), so I think I will break down the ips in to smaller section and run them through cron job.

Let me know what you think or if I could make it better.

@hunsheridan
Copy link
Contributor

Hmmm... Starting to think about implementing Thread support... may give it a go in the weekend unless a better solution appears...

@lunarsoap5
Copy link

When I try to run the program, I keep getting told that there is no DNS record found for any IP addresses. Any idea why this is happening?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
4 participants
@pavs @IntellexApps @hunsheridan @lunarsoap5