| 1 |
Sziaasztok! |
| 2 |
Van egy scriptem ami nem akar mukodni a crontabbal. |
| 3 |
Ha csak siman X-es konzolbol inditom hibatlanul mukodik, de ha a crontab |
| 4 |
csinalja, akkor lefut, csak nem jelenik meg a kivant ablak. |
| 5 |
A script azt csinalja, ha valaki meg portscanel, akkor feldob egy Xdialog |
| 6 |
ablakot, amibe kiirja, hogy ki volt az, es mikor. Mi a hiba? |
| 7 |
|
| 8 |
---------------- |
| 9 |
crontabom: |
| 10 |
---------------- |
| 11 |
|
| 12 |
# for vixie cron |
| 13 |
# remember to give cron a sighup when updating this file |
| 14 |
# |
| 15 |
# |
| 16 |
$Header: /home/cvsroot/gentoo-x86/sys-apps/vixie-cron/files/crontab-3.0.1-r4,v |
| 17 |
1.3 2003/12/14 17:19:25 azar$ |
| 18 |
# |
| 19 |
# |
| 20 |
|
| 21 |
# Global variables |
| 22 |
SHELL=/bin/bash |
| 23 |
PATH=/sbin:/bin:/usr/sbin:/usr/bin |
| 24 |
MAILTO=root |
| 25 |
HOME=/ |
| 26 |
|
| 27 |
# check scripts in cron.hourly, cron.daily, cron.weekly and cron.monthly |
| 28 |
0 * * * * root rm -f /var/spool/cron/lastrun/cron.hourly |
| 29 |
1 3 * * * root rm -f /var/spool/cron/lastrun/cron.daily |
| 30 |
15 4 * * 6 root rm -f /var/spool/cron/lastrun/cron.weekly |
| 31 |
30 5 1 * * root rm -f /var/spool/cron/lastrun/cron.monthly |
| 32 |
* * * * * root test -x /usr/sbin/run-crons && /usr/sbin/run-crons |
| 33 |
0-59 * * * * root /sbin/detectscan |
| 34 |
|
| 35 |
|
| 36 |
---------------------- |
| 37 |
es maga a script: |
| 38 |
---------------------- |
| 39 |
|
| 40 |
|
| 41 |
#!/bin/bash |
| 42 |
# |
| 43 |
# Copyright(C)2003 Sly |
| 44 |
# |
| 45 |
|
| 46 |
# a logfile megnyitasa |
| 47 |
exec 3<>/var/log/daemon.log |
| 48 |
|
| 49 |
# legutolso futtatas idopontja |
| 50 |
if [ -e /root/.detectscan ]; then |
| 51 |
lastrun=`cat /root/.detectscan` |
| 52 |
else |
| 53 |
lastrun=0 |
| 54 |
fi |
| 55 |
|
| 56 |
# file vizsgalata sorrol sorra |
| 57 |
while read -u 3 inpline |
| 58 |
do |
| 59 |
|
| 60 |
# szamunkra erdektelen sorok kiszurese |
| 61 |
detline=`echo "$inpline"|grep "scanlogd"` |
| 62 |
|
| 63 |
# jo sorban vagyunk |
| 64 |
if [ "x$detline" != "x" ]; then |
| 65 |
scandate=`echo "$inpline"|awk '{print $1,$2,$3}'` |
| 66 |
|
| 67 |
timestamp=`date -d "$scandate" +"%s"` |
| 68 |
|
| 69 |
|
| 70 |
#megnezzuk, hogy meg kell-e jeleniteni |
| 71 |
if [ $timestamp -gt $lastrun ]; then |
| 72 |
|
| 73 |
remoteip=`echo "$inpline"|awk '{print $6}'|sed -e 's/:.*//'` |
| 74 |
Xdialog --msgbox "Port scan detectet from ip $remoteip, date: |
| 75 |
$scandate" 5 70 |
| 76 |
|
| 77 |
fi |
| 78 |
|
| 79 |
fi |
| 80 |
done |
| 81 |
|
| 82 |
#kiirjuk a futtatas idopontjat |
| 83 |
date +"%s" >/root/.detectscan |
| 84 |
|
| 85 |
# a logfile bezarasa |
| 86 |
exec 3>&- |
| 87 |
|
| 88 |
|
| 89 |
|
| 90 |
|
| 91 |
|
| 92 |
|
| 93 |
|
| 94 |
|
| 95 |
-- |
| 96 |
bye |
| 97 |
|
| 98 |
Borz |
| 99 |
|
| 100 |
|
| 101 |
Kispal Szabolcs |
| 102 |
Email: kispalsz@×××××××.hu |
| 103 |
ICQ: 172496135 SCH 1210 |
| 104 |
|
| 105 |
-- |
| 106 |
gentoo-user-hu@g.o mailing list |
Archives