RCS file: RCS/abck,v
Working file: abck
head: 2.2
branch:
locks: strict
        tundra: 2.2
access list:
symbolic names:
keyword substitution: kv
total revisions: 21;    selected revisions: 21
description:
Scan /var/log/messages And Process Intrusion Attempts
----------------------------
revision 2.2    locked by: tundra;
date: 2002/09/04 21:24:27;  author: tundra;  state: Exp;  lines: +7 -6
Restructured code so that -s option properly observes the -l option.
----------------------------
revision 2.1
date: 2002/09/04 21:14:48;  author: tundra;  state: Exp;  lines: +2 -2
Minor cosmetic change to help display.
----------------------------
revision 2.0
date: 2002/09/04 21:06:59;  author: tundra;  state: Exp;  lines: +94 -16
Implemented ability to ignore IPs/hostnames found in ~/.abck_ignored.
Implemented cache for DNS reverse lookups.
Implemented -i option to turn off ignoring specified IPs/hostnames.
Implemented -l option to show records being ignored and list ignored IPs/hostnames.
Implemented -h option to display help information which was also reformatted.
Implemented -v option to display detailed version information.
----------------------------
revision 1.99
date: 2001/07/27 08:02:23;  author: tundra;  state: Exp;  lines: +2 -2
Corrected f.close() indentation.
----------------------------
revision 1.98
date: 2001/07/27 05:46:32;  author: tundra;  state: Exp;  lines: +53 -17
Added the Forget and Quit user interaction options.
----------------------------
revision 1.97
date: 2001/07/27 02:11:59;  author: tundra;  state: Exp;  lines: +2 -3
Minor cosmetic changes.
----------------------------
revision 1.96
date: 2001/07/27 02:09:15;  author: tundra;  state: Exp;  lines: +22 -15
Finished integrating email notification into 'abck'.
The 'abnot' script is no longer necessary.
----------------------------
revision 1.95
date: 2001/07/27 01:45:24;  author: tundra;  state: Exp;  lines: +87 -18
Now looks at history file to determine if a given record has already
been processed and can thus be ignored.
Put in most of the scaffolding for direct email output from abck so
we can drop the abnot script altogether.
----------------------------
revision 1.94
date: 2001/07/19 01:18:19;  author: tundra;  state: Exp;  lines: +5 -4
Fixed minor bugs which occurred when user keyed-in their own destination.
----------------------------
revision 1.93
date: 2001/07/19 00:03:37;  author: tundra;  state: Exp;  lines: +3 -3
Changed prompt response logic so that the input loop continues until
the user just hits Enter to accept the default. Explicit user input just
loops back to the prompt with the user's input set as the new default.
----------------------------
revision 1.92
date: 2001/07/18 23:55:08;  author: tundra;  state: Exp;  lines: +2 -2
Fixed user prompt.
----------------------------
revision 1.91
date: 2001/07/18 22:59:53;  author: tundra;  state: Exp;  lines: +31 -12
Added command line options to exclude records based on a string and
to only show, but not process any matching records.
----------------------------
revision 1.9
date: 2001/07/18 22:18:56;  author: tundra;  state: Exp;  lines: +77 -10
Set up command line parsing via getops. User can now limit how far
back to look as well as specifying a match string.
----------------------------
revision 1.8
date: 2001/07/18 09:01:40;  author: tundra;  state: Exp;  lines: +9 -5
Added the ability to do 'whois' lookups at the user's request.
----------------------------
revision 1.7
date: 2001/07/18 02:45:26;  author: tundra;  state: Exp;  lines: +2 -2
Changed skip record command from '!' to 's'.
----------------------------
revision 1.6
date: 2001/07/16 22:50:39;  author: tundra;  state: Exp;  lines: +5 -4
Added complete log display on each prompt.
----------------------------
revision 1.5
date: 2001/07/16 21:19:10;  author: tundra;  state: Exp;  lines: +3 -1
Added usage info
----------------------------
revision 1.4
date: 2001/07/16 21:15:34;  author: tundra;  state: Exp;  lines: +9 -1
Added copyright info
----------------------------
revision 1.3
date: 2001/07/16 20:30:09;  author: tundra;  state: Exp;  lines: +2 -2
Tightened up the re description of an IP quad.
----------------------------
revision 1.2
date: 2001/07/16 20:22:20;  author: tundra;  state: Exp;  lines: +3 -3
Fixed command line processing logic to work when invoked with no args.
Changed default output file name to 'ABUSERS'
----------------------------
revision 1.1
date: 2001/07/16 20:00:50;  author: tundra;  state: Exp;
Initial revision
----------------------------
=============================================================================