Bash scripting: Apply a firewall rule dynamically by reading a log file

Some years ago, I needed to apply hundreds of firewall rules dynamically by reading a log file.
It was basically a DDoS attack, and the requests were easily identifiable since the attacker's software was using the HTTP/1.0 protocol.
I solved it by piping some standard Unix commands: tail, grep, awk, iptables.

Recap:

  • tail -f continuously reads the log file
  • grep filters the rows containing HTTP/1.0
  • awk extracts the attacker's IP address and passes it to the firewall rule via the variable $1
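
The pipeline from the recap, as an added example that is not the original post's command. It goes slightly beyond the recap by validating the extracted address, skipping an allowlist and blocking each address only once. The log format, the allowlist entries, the `-I INPUT -s <ip> -j DROP` rule, the `ACCESS_LOG` variable and the sample lines are assumptions made for the example.

```sh
#!/bin/sh
# Added example, dry run by default: prints the iptables commands instead of running them.
# Assumptions: common/combined access-log format (client IP is field 1), the
# "-I INPUT -s <ip> -j DROP" rule, the allowlist entries, ACCESS_LOG in the usage line.

ALLOWLIST="127.0.0.1 10.0.0.5"   # constructed: sources that must never be blocked

# offenders: read log lines on stdin, print each new offending IPv4 address once.
offenders() {
    awk -v allow="$ALLOWLIST" '
    BEGIN { n = split(allow, a, " "); for (i = 1; i <= n; i++) skip[a[i]] = 1 }
    # HTTP/1.0 must close the quoted request line; a URL that merely
    # contains the string "HTTP/1.0" does not count.
    $0 !~ /"[A-Z]+ [^"]* HTTP\/1\.0"/ { next }
    {
        ip = $1
        # Accept only a strict dotted quad, so nothing else from the log
        # can end up on the iptables command line.
        if (ip !~ /^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+$/) next
        m = split(ip, o, ".")
        for (i = 1; i <= m; i++) if (length(o[i]) > 3 || o[i] + 0 > 255) next
        if ((ip in skip) || (ip in seen)) next   # allowlisted or already blocked
        seen[ip] = 1
        print ip
        fflush()   # hand the address on immediately when fed by tail -F
    }'
}

# apply_rules: read addresses on stdin and insert one DROP rule for each.
# Set IPTABLES=iptables (as root) to enforce; the default only echoes.
apply_rules() {
    while IFS= read -r ip; do
        ${IPTABLES:-echo iptables} -I INPUT -s "$ip" -j DROP
    done
}

# Constructed sample lines (documentation address ranges), not real traffic.
SAMPLE_LOG='203.0.113.7 - - [10/Oct/2023:13:55:36 +0000] "GET / HTTP/1.0" 200 512 "-" "-"
203.0.113.7 - - [10/Oct/2023:13:55:37 +0000] "GET / HTTP/1.0" 200 512 "-" "-"
198.51.100.9 - - [10/Oct/2023:13:55:38 +0000] "GET /?q=HTTP/1.0 HTTP/1.1" 200 512 "-" "Mozilla/5.0"
127.0.0.1 - - [10/Oct/2023:13:55:39 +0000] "GET /health HTTP/1.0" 200 2 "-" "-"
300.1.2.3 - - [10/Oct/2023:13:55:40 +0000] "GET / HTTP/1.0" 200 512 "-" "-"
192.0.2.44 - - [10/Oct/2023:13:55:41 +0000] "POST /login HTTP/1.0" 200 512 "-" "-"'

# dry_run: push the sample through the whole pipeline and print the rules.
dry_run() { printf '%s\n' "$SAMPLE_LOG" | offenders | apply_rules; }

# Live use: tail -F "$ACCESS_LOG" | offenders | IPTABLES=iptables apply_rules
```

If grep is kept as a separate stage behind `tail -f`, GNU grep needs `--line-buffered`, otherwise matches sit in its output buffer and the rules arrive late.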
