daily

szepeviktor · Sep 16, 2023 · d8d0673 · d8d0673
1 parent cb38892
commit d8d0673
Show file tree

Hide file tree

Showing 4 changed files with 28 additions and 5 deletions.
diff --git a/monitoring/apache-4xx-report.sh b/monitoring/apache-4xx-report.sh
@@ -2,8 +2,8 @@
 #
 # Report Apache client and server errors of the last 24 hours.
 #
-# VERSION       :3.0.0
-# DATE          :2023-03-18
+# VERSION       :3.2.0
+# DATE          :2023-09-13
 # AUTHOR        :Viktor Szépe <viktor@szepe.net>
 # URL           :https://github.com/szepeviktor/debian-server-tools
 # LICENSE       :The MIT License (MIT)
@@ -145,7 +145,7 @@ while read -r CONFIG_FILE; do
     # https://datatracker.ietf.org/doc/html/rfc9110#section-15.5
     nice dategrep --multiline \
         --start "now truncate 24h add -17h35m" --end "06:25:00" "${ACCESS_LOG}".[1] "${ACCESS_LOG}" \
-        | grep --extended-regexp '" (40[0-9]|41[0-7]|42[126]|50[0-5]) [0-9]+ "' \
+        | grep --extended-regexp '" [45][0-9][0-9] [0-9]+ "' \
         | sed -e "s#^#$(basename "${ACCESS_LOG}" .log): #"
 
     ## "+" encoded spaces, lower case hexadecimal digits
@@ -175,7 +175,7 @@ done <<<"${APACHE_CONFIGS}" >"${LOG_EXCERPT}"
 
     Array_to_lines "${IGNORE_PATTERNS[@]}" \
         | grep --extended-regexp --invert-match --file=- "${LOG_EXCERPT}" \
-        | dd iflag=fullblock bs=1M count=5 2>/dev/null
+        | dd iflag=fullblock bs=1M count=2 2>/dev/null
 } | Maybe_sendmail
 
 rm "${LOG_EXCERPT}"

diff --git a/monitoring/goaccess.sh b/monitoring/goaccess.sh
@@ -161,7 +161,7 @@ Exclude_hetrixtools()
 
 Goaccess()
 {
-    local GEOIP_DB="/var/lib/GeoIP/GeoLite2-City.mmdb"
+    local GEOIP_DB="/var/lib/GeoIP/GeoLite2-ASN.mmdb"
 
     # shellcheck disable=SC2046
     goaccess \

diff --git a/security/myattackers-ipsets/ipset/datacamp.ipset b/security/myattackers-ipsets/ipset/datacamp.ipset
@@ -27,6 +27,7 @@ add datacamp 193.218.190.0/24
 # AS206092 - IPXO / SECFIREWALL
 # Legaco, Panq
 add datacamp 45.86.200.0/24
+add datacamp 45.95.243.0/24
 add datacamp 45.154.138.0/24
 add datacamp 63.135.161.0/24
 add datacamp 82.118.29.0/24

diff --git a/security/myattackers-ipsets/ipset/des-capital.ipset b/security/myattackers-ipsets/ipset/des-capital.ipset
@@ -0,0 +1,22 @@
+# AS213035 - Des Capital / Delis / Serverion
+#: ipset -exist restore <ipset/des-capital.ipset
+#: iptables -w -I myattackers-ipset -m set --match-set des-capital src -j REJECT
+create des-capital hash:net family inet hashsize 64 maxelem 32
+flush des-capital
+
+# AS211252 - Delis
+add des-capital 37.0.11.0/24
+add des-capital 45.12.253.0/24
+add des-capital 94.156.102.0/24
+add des-capital 95.214.24.0/24
+add des-capital 185.254.37.0/24
+add des-capital 194.55.224.0/24
+add des-capital 194.180.48.0/24
+
+# Single IP
+add des-capital 194.87.151.73
+
+# AS399471 - Serverion
+
+# AS17447 - Net4India
+add des-capital 147.78.103.0/24