Mitigate port
Views: 148 | Author: abh
import subprocess
import re
import collections
import time

# Configurações
log_file = '/var/log/syslog'
threshold = 4
block_duration = 86400  # 24 horas em segundos
ip_count = collections.defaultdict(int)
blocked_ips = set()

# Função para bloquear IP
def block_ip(ip):['sudo', 'csf', '-d', ip])

# Função para desbloquear IP
def unblock_ip(ip):['sudo', 'csf', '-dr', ip])

# Monitorar o log
with open(log_file, 'r') as f:
    lines = f.readlines()

for line in lines:
    match ='SRC=(\d+\.\d+\.\d+\.\d+).*DPT=(\d+)', line)
    if match:
        ip =
        port =
        ip_count[ip] += 1
        if ip_count[ip] >= threshold and ip not in blocked_ips:
            print(f'IP {ip} bloqueado devido a tentativas em excesso na porta {port}')

# Aguardar e desbloquear IPs após o tempo de bloqueio
for ip in blocked_ips:
    print(f'IP {ip} desbloqueado após {block_duration} segundos de bloqueio')


abh 2023-09-17 10:05

Just a code to demonstrating syntax highlighting, Source: You can also access the content through @pastebin/8GxUKYft