check_hosts_allow.pl
#!/usr/bin/perl
###########################################################################################
# Gregg Leventhal for Weill Cornell Medical College 2014 #
# #
# Takes a single IP Address as an argument, and ensures that it is allowed in hosts.allow #
###########################################################################################
# File-scoped settings shared by main() and make_changes():
#   $IP       - candidate address, taken verbatim from the first command-line
#               argument; it is only pattern-checked further down the script,
#               before either sub is invoked.
#   $FILE     - the live access-control file that is read and later replaced.
#   $TEMPFILE - scratch copy written next to $FILE and renamed over it.
my ( $IP, $FILE, $TEMPFILE ) = (
    $ARGV[0],
    '/etc/hosts.allow',
    '/etc/hosts.allow.TEMP',
);
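# Build an updated copy of $FILE in $TEMPFILE with $IP appended to every
# "sshd: " rule, or exit 0 straight away when an existing entry already
# covers $IP.
#
# Reads the file-scoped $IP, $FILE and $TEMPFILE. Takes no arguments.
# Dies (after deleting the partial temp file) when either file cannot be
# opened, when the temp file cannot be written completely, when an sshd rule
# carries a ':' field this script cannot rewrite safely, or when no
# "sshd: " rule exists at all. Nothing is renamed here; make_changes() does
# that.
#
# Only plain entries are understood: an exact address, or a network prefix
# ending in '.'. Other hosts_access(5) forms (net/mask, wildcards, names) are
# kept as they are and never count as a match, so $IP may be appended next to
# a rule that already covers it. Backslash-continued rules are not handled.
sub main
{
    # Open the source first so an unreadable $FILE aborts before any temp
    # file exists.
    open( my $in,  "<", $FILE )     or die "Cannot read $FILE: $!\n";
    open( my $out, ">", $TEMPFILE ) or die "Cannot write $TEMPFILE: $!\n";

    # Every early exit removes the partial copy, so a stale temp file can
    # never be renamed over the live access-control file by a later step.
    my $discard = sub {
        close $out;
        close $in;
        unlink $TEMPFILE;
    };

    my $rewritten = 0;
    while ( my $LINE = <$in> ) {
        if ( $LINE =~ /^sshd: (.*)/i ) {
            my $clients = $1;
            my $lineno  = $.;

            # A second ':' introduces options or a shell command (or an IPv6
            # literal). Re-joining such a line would change what the rule
            # means, so refuse instead of guessing.
            if ( $clients =~ /:/ ) {
                $discard->();
                die "Line $lineno of $FILE has an sshd rule with a ':' field; "
                  . "edit it by hand\n";
            }

            # hosts_access(5) lists are separated by blanks and/or commas.
            # The list is rebuilt per line, so entries from one sshd rule are
            # never carried over into the next one.
            my @kept;
            foreach my $entry ( split /[\s,]+/, $clients ) {
                next if $entry eq '';    # leading separator or stray comma

                # Prefix matching is only valid for entries that end in '.';
                # otherwise 157.1.2.3 would wrongly "cover" 157.1.2.30.
                my $is_prefix = ( $entry =~ /\.\z/ );
                if ( $IP eq $entry
                    || ( $is_prefix && index( $IP, $entry ) == 0 ) )
                {
                    $discard->();
                    print "IP ADDRESS: $IP found! \n";
                    exit 0;
                }
                push @kept, $entry;
            }

            print {$out} "sshd: " . join( ", ", @kept, $IP ) . "\n";
            $rewritten++;
        }
        else {
            print {$out} $LINE;
        }
    }
    close $in;

    # Buffered write errors (full disk, I/O error) surface at close. A
    # truncated copy must never be left behind for the rename step.
    unless ( close $out ) {
        my $err = $!;
        unlink $TEMPFILE;
        die "Write to $TEMPFILE failed: $err\n";
    }

    # Without an sshd rule nothing was added; stop here rather than let the
    # caller report success.
    unless ($rewritten) {
        unlink $TEMPFILE;
        die "No 'sshd: ' rule found in $FILE; $IP was not added\n";
    }
}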
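# Replace $FILE with the copy prepared in $TEMPFILE and report the addition.
#
# Reads the file-scoped $IP, $FILE and $TEMPFILE. Takes no arguments.
# Dies (after deleting the temp file) when the temp file cannot be flushed or
# the rename fails, so success is only printed once $FILE really holds the
# new content.
#
# rename() swaps in a new inode: the replacement keeps the temp file's mode
# and ownership, not those of the old $FILE.
sub make_changes
{
    # If the writer left the bareword handle FH2 open, flush it before the
    # rename. A failed flush means the copy is incomplete and must not become
    # the live access-control file.
    if ( defined fileno(FH2) ) {
        unless ( close(FH2) ) {
            my $err = $!;
            unlink $TEMPFILE;
            die "Write to $TEMPFILE failed: $err\n";
        }
    }

    unless ( rename( $TEMPFILE, $FILE ) ) {
        my $err = $!;
        unlink $TEMPFILE;    # do not leave a stale copy in place
        die "Cannot replace $FILE with $TEMPFILE: $err\n";
    }
    print "$IP has been added to $FILE\n";

    # The original closed the never-assigned scalar $FH; the read handle is
    # the bareword FH.
    close(FH) if defined fileno(FH);
}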
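# Are we root/running with sudo?
if ( $> != 0 ) {
    die "\n$0 must be run as root or using sudo!\n\n";
}

# $IP is written into the access-control file as root, so this check is the
# only barrier between the command line and that file. Accept nothing but a
# canonical dotted quad whose first octet is 140 or 157:
#   - \A and \z instead of ^ and $, because $ would also accept a trailing
#     newline;
#   - [0-9] with no leading zeros and a 0-255 range per octet, because
#     entries are compared as text and a non-canonical form would never
#     match what is already listed.
my $valid_ip = 0;
if ( defined $IP
    && $IP =~ /\A(?:140|157)(?:\.(?:0|[1-9][0-9]{0,2})){3}\z/ )
{
    my $too_big = grep { $_ > 255 } split /\./, $IP;
    $valid_ip = 1 unless $too_big;
}
die "Usage: $0 IP Address\n" unless $valid_ip;

# Explicit calls with statement separators: written as bare "main" followed
# by "make_changes", Perl parses the pair as main(make_changes()), which runs
# the rename step before the temp file has been written.
main();
make_changes();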