Tag Archives: bash

dumb apache2 iptables security

This is an aggressive script that will -j DROP anything that moves.

This is the regexp list (noisily named “regexp-list.ib” in my filesystem):

#file containing idiotblocker's database

This is the script:

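# For each non-comment pattern in regexp-list.ib, take the text before the
# first '-' of every matching access.log line (the client address) and drop it.
for i in `grep -iv '^#' regexp-list.ib`
do for a in `grep -i -- "$i" /var/log/apache2/access.log | awk -F'-' '{print $1}' | sort -n | uniq`
do echo "$a found and screwed with iptables"
iptables -A INPUT -s "$a" -j DROP
done
done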
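
A more conservative variant of the loop above, as an added example that is not the author's script: it matches patterns against the request line only, accepts only dotted-quad IPv4 addresses from the first field, skips an allowlist, and prints the iptables commands unless DRY_RUN=0. The function names, ALLOW, DRY_RUN and the sample log lines are constructed for this illustration, and the Apache combined log format is assumed.

```sh
#!/bin/sh
# Added example, not the post's script. ALLOW, DRY_RUN and the function
# names are assumptions of this sketch.
ALLOW="127.0.0.1 192.0.2.10"   # constructed: addresses that must never be blocked
DRY_RUN=${DRY_RUN:-1}          # 1 = print the iptables commands, do not run them

# offenders PATTERNS LOG: unique IPv4 clients whose request line matches a pattern
offenders() {
  awk -v allow="$ALLOW" '
    BEGIN { n = split(allow, a, " "); for (k = 1; k <= n; k++) skip[a[k]] = 1 }
    NR == FNR { if ($0 != "" && $0 !~ /^#/) pat[++np] = tolower($0); next }
    {
      ip = $1
      # the first field can be a hostname or garbage; accept dotted quads only
      if (ip !~ /^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+$/ || (ip in skip)) next
      split(ip, o, "."); if (o[1] > 255 || o[2] > 255 || o[3] > 255 || o[4] > 255) next
      split($0, q, "\""); req = tolower(q[2])   # request line = first quoted field
      for (k = 1; k <= np; k++)
        if (req ~ pat[k]) { if (!seen[ip]++) print ip; break }
    }' "$1" "$2"
}

# block IP: add the DROP rule unless an identical rule already exists
block() {
  if [ "$DRY_RUN" = 1 ]; then echo "iptables -A INPUT -s $1 -j DROP"
  else iptables -C INPUT -s "$1" -j DROP 2>/dev/null || iptables -A INPUT -s "$1" -j DROP
  fi
}

plan() { offenders "$1" "$2" | while read -r ip; do block "$ip"; done; }

# Constructed sample data (documentation address ranges), not real traffic
demo() {
  d=$(mktemp -d) || return 1
  printf '%s\n' '#file containing patterns' 'wp-login\.php' 'phpmyadmin' > "$d/regexp-list.ib"
  cat > "$d/access.log" <<'EOF'
203.0.113.7 - - [01/Jan/2024:10:00:00 +0000] "GET /wp-login.php HTTP/1.1" 404 196 "-" "curl/8.0"
203.0.113.7 - - [01/Jan/2024:10:00:01 +0000] "GET /WP-LOGIN.PHP HTTP/1.1" 404 196 "-" "curl/8.0"
198.51.100.4 - - [01/Jan/2024:10:00:02 +0000] "GET /index.html HTTP/1.1" 200 512 "http://example.test/?q=wp-login.php" "Mozilla/5.0"
192.0.2.10 - - [01/Jan/2024:10:00:03 +0000] "GET /phpmyadmin/ HTTP/1.1" 404 0 "-" "monitoring"
evil-host.example - - [01/Jan/2024:10:00:04 +0000] "GET /phpmyadmin/ HTTP/1.1" 404 0 "-" "-"
EOF
  plan "$d/regexp-list.ib" "$d/access.log"
  rm -rf "$d"
}
demo
```

In the sample, only 203.0.113.7 is selected: the Referer-only match, the allowlisted address and the hostname entry are all skipped, and the repeated hit produces a single rule.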


I love the quick and dirty concept when you apply it over solid foundations.
This brings me to the magic world of bash scripts.

Just to warm things up, to break the ice and offer you a coffee,
here’s one of my favorites:

# glob directly instead of parsing ls; skip patterns that matched nothing
for i in *.{mp3,avi,mov,flv,ogg}
do [ -e "$i" ] && echo "media file: $i"
done

This will show all the mp3, avi, mov, flv, ogg files in the current directory.