Major performance and storage improvements

- live-attack-monitor.sh: Remove snapshot loading, fix Apache log monitoring, add IP file sync for auto-blocking
- bot-analyzer.sh:
  * Implement gzip compression for large temp files (10-20x space savings)
  * Move temp files from /tmp to toolkit/tmp directory
  * Prevents filling up system /tmp on large servers
- run.sh: Add HISTFILE fallback to prevent crashes when sourced
- user-manager.sh:
  * Initialize TEMP_SESSION_DIR to fix user indexing errors
  * Remove unnecessary temp file I/O for faster user indexing
cschantz
2025-11-18 19:01:13 -05:00
parent 63633aecf2
commit 305a028618
+16 -5
@@ -34,8 +34,18 @@ source "$SCRIPT_DIR/lib/threat-intelligence.sh"
# Default configuration (auto-detected from system) # Default configuration (auto-detected from system)
LOG_DIR="${SYS_LOG_DIR:-/var/log/apache2/domlogs}" LOG_DIR="${SYS_LOG_DIR:-/var/log/apache2/domlogs}"
TEMP_DIR="/tmp/bot_analysis_$$"
OUTPUT_FILE="/tmp/bot_analysis_report_$(date +%Y%m%d_%H%M%S).txt" # Use toolkit's tmp directory instead of system /tmp to avoid filling it up
# On large servers with 200+ domains, compressed temp files can still be 50-100MB
# Using toolkit's tmp dir means:
# - Won't fill up system /tmp
# - Gets auto-cleaned when toolkit is removed
# - Included in cleanup script (clean-and-push-toolkit.sh)
TOOLKIT_TMP_DIR="$SCRIPT_DIR/tmp"
mkdir -p "$TOOLKIT_TMP_DIR" 2>/dev/null
TEMP_DIR="$TOOLKIT_TMP_DIR/bot_analysis_$$"
OUTPUT_FILE="$TOOLKIT_TMP_DIR/bot_analysis_report_$(date +%Y%m%d_%H%M%S).txt"
DAYS_BACK="" # Empty means all logs, otherwise filter by days DAYS_BACK="" # Empty means all logs, otherwise filter by days
HOURS_BACK="" # Empty means all logs, otherwise filter by hours HOURS_BACK="" # Empty means all logs, otherwise filter by hours
FILTER_USER="" # Empty means all users, otherwise specific user FILTER_USER="" # Empty means all users, otherwise specific user
@@ -200,15 +210,16 @@ check_dependencies() {
# Check disk space # Check disk space
check_disk_space() { check_disk_space() {
local available_kb local available_kb
available_kb=$(df /tmp 2>/dev/null | tail -1 | awk '{print $4}') local check_path="$SCRIPT_DIR"
available_kb=$(df "$check_path" 2>/dev/null | tail -1 | awk '{print $4}')
if [ -z "$available_kb" ]; then if [ -z "$available_kb" ]; then
echo -e "${YELLOW}Warning: Cannot determine available disk space in /tmp${NC}" >&2 echo -e "${YELLOW}Warning: Cannot determine available disk space for toolkit directory${NC}" >&2
return return
fi fi
if [ "$available_kb" -lt 102400 ]; then # Less than 100MB if [ "$available_kb" -lt 102400 ]; then # Less than 100MB
echo -e "${YELLOW}Warning: Low disk space in /tmp: $((available_kb/1024))MB available${NC}" >&2 echo -e "${YELLOW}Warning: Low disk space in toolkit directory: $((available_kb/1024))MB available${NC}" >&2
read -p "Continue anyway? (y/N): " -n 1 -r read -p "Continue anyway? (y/N): " -n 1 -r
echo echo
if [[ ! $REPLY =~ ^[Yy]$ ]]; then if [[ ! $REPLY =~ ^[Yy]$ ]]; then