@ychaouche
Last active November 20, 2024 08:22
root@messagerie-prep[10.10.10.19] ~ # head /tmp/interactivebans.banned.sorted
101.207.142.141 banned!
101.207.142.141 banned!
101.207.142.141 banned!
101.207.142.141 banned!
101.207.142.141 banned!
101.207.142.141 banned!
101.207.142.141 banned!
101.207.142.141 banned!
101.207.142.141 banned!
101.207.142.141 banned!
root@messagerie-prep[10.10.10.19] ~ # tail /tmp/interactivebans.banned.sorted
61.241.217.82 banned!
61.241.217.82 banned!
61.241.217.82 banned!
61.241.217.82 banned!
61.241.217.82 banned!
61.241.217.82 banned!
61.241.217.82 banned!
61.241.217.82 banned!
61.241.217.82 banned!
61.241.217.82 banned!
root@messagerie-prep[10.10.10.19] ~ #
root@messagerie-prep[10.10.10.19] ~ # dmesg -T | tail
[Sun Nov 17 07:30:38 2024] device eth0 entered promiscuous mode
[Sun Nov 17 07:31:00 2024] device eth0 left promiscuous mode
[Sun Nov 17 07:32:42 2024] device eth0 entered promiscuous mode
[Sun Nov 17 15:48:28 2024] device eth0 left promiscuous mode
[Mon Nov 18 08:53:07 2024] device eth0 entered promiscuous mode
[Mon Nov 18 15:39:18 2024] device eth0 left promiscuous mode
[Mon Nov 18 18:05:39 2024] TCP: TCP: Possible SYN flooding on port 80. Sending cookies. Check SNMP counters.
[Tue Nov 19 07:49:33 2024] device eth0 entered promiscuous mode
[Tue Nov 19 07:49:37 2024] device eth0 left promiscuous mode
[Tue Nov 19 07:49:43 2024] device eth0 entered promiscuous mode
root@messagerie-prep[10.10.10.19] ~ #
root@messagerie-prep[10.10.10.19] ~ # shorewall show dynamic | sort -k 9 | nl | head
1 Chain dynamic (1 references)
2 Counters reset Tue Nov 19 14:51:53 CET 2024
3 0 0 logdrop all -- * * 60.1.6.82 0.0.0.0/0
4 0 0 logdrop all -- * * 112.2.36.2 0.0.0.0/0
5 0 0 logdrop all -- * * 175.42.1.3 0.0.0.0/0
6 0 0 logdrop all -- * * 175.4.34.2 0.0.0.0/0
7 0 0 logdrop all -- * * 27.115.5.2 0.0.0.0/0
root@messagerie-prep[10.10.10.19] ~ # shorewall show dynamic | sort -k 9 | nl | tail
2133 0 0 logdrop all -- * * 223.113.232.106 0.0.0.0/0
2134 0 0 logdrop all -- * * 223.160.230.233 0.0.0.0/0
2135 0 0 reject all -- * * 114.230.186.198 0.0.0.0/0
2136 0 0 reject all -- * * 119.185.228.240 0.0.0.0/0
2137 0 0 reject all -- * * 154.121.110.168 0.0.0.0/0
2138 0 0 reject all -- * * 185.234.218.186 0.0.0.0/0
2139 0 0 reject all -- * * 221.230.216.235 0.0.0.0/0
2140 83 4980 logdrop all -- * * 192.168.220.115 0.0.0.0/0
2141 pkts bytes target prot opt in out source destination
2142 Shorewall 4.6.4.3 Chain dynamic at messagerie-prep - Wed Nov 20 09:06:33 CET 2024
root@messagerie-prep[10.10.10.19] ~ #
root@messagerie-prep[10.10.10.19] ~ # iptables -vnL logdrop
Chain logdrop (2110 references)
pkts bytes target prot opt in out source destination
112K 4467K DROP all -- * * 0.0.0.0/0 0.0.0.0/0
root@messagerie-prep[10.10.10.19] ~ #