Voici la liste :
# zgrep "HNAP1" /var/log/apache2/access.*.log.*.gz | sed 's/:/ /g' | awk '{print $2}' | sort -n | uniq -c 2 45.15.18.3 1 49.143.32.6 2 84.17.42.11 1 101.0.54.165 1 113.220.18.13 2 151.106.8.41 1 182.119.98.177 1 103.91.80.2 --> Inde
Action, blocage de ses IP :
iptables -A INPUT -s 45.15.18.3 -j DROP iptables -A INPUT -s 49.143.32.6 -j DROP iptables -A INPUT -s 84.17.42.11 -j DROP iptables -A INPUT -s 101.0.54.165 -j DROP iptables -A INPUT -s 113.220.18.13 -j DROP iptables -A INPUT -s 151.106.8.41 -j DROP iptables -A INPUT -s 182.119.98.177 -j DROP iptables -A INPUT -s 103.91.80.2 -j DROP iptables-save > /etc/iptables/rules.v4
A noter que 84.17.42.11 c’est en France ….
Misère.
Nouvelle liste d’IP que je viens de bloquer :
# grep « HNAP1 » /var/log/apache2/access.humhub.log | awk ‘{print $1}’ | sort | uniq
199.193.97.11
208.100.26.229
24.151.40.195
24.54.56.243
34.105.221.29
34.118.91.198
34.77.120.149
35.246.93.126
47.214.121.207
64.68.228.64
89.240.192.186
grep « HNAP1 » /var/log/apache2/access.*.log* | sed ‘s/:/ /g’ | awk ‘{print $2}’ | sort -n | uniq -c
2 45.61.185.130
1 45.61.185.166
1 66.172.105.109
2 79.10.211.237
1 162.232.14.204
1 185.160.231.51
1 188.127.134.52
1 198.98.49.76
1 216.54.18.90
1 217.208.70.80