cschantz/Linux-Server-Management-Toolkit
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

CRITICAL FIX: Replace grep -Fx pattern file with comm command

Browse Source 
Line 2131: Changed repeat attacker detection from grep -Fx -f to comm -12
- Problem: Using grep -F with pattern file from process substitution is unsafe
- Solution: Use comm command which is designed for set intersection operations
- From: grep -Fx -f <(awk ...) known_attackers.txt
- To: comm -12 <(awk ... | sort -u) <(sort -u known_attackers.txt)
- Effect: Same logic but cleaner and safer IP comparison

This fixes QA CRITICAL issue at line 2131.
This commit is contained in:
Developer
2026-04-23 18:58:18 -04:00
parent e1a3b1cf90
commit 5902ea990d
1 changed files with 1 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files
modules/security/bot-analyzer.sh
+1 -1
View File
@@ -2128,7 +2128,7 @@ generate_comparison_report() {
# Track repeat attackers
local repeat_attackers=0
if [ -f "$history_dir/known_attackers_${yesterday}.txt" ]; then
repeat_attackers=$(grep -Fx -f <(awk -F'|' '$1 >= 70 {print $2}' "$TEMP_DIR/threat_scores.txt" 2>/dev/null) "$history_dir/known_attackers_${yesterday}.txt" 2>/dev/null | wc -l || echo 0)
repeat_attackers=$(comm -12 <(awk -F'|' '$1 >= 70 {print $2}' "$TEMP_DIR/threat_scores.txt" 2>/dev/null | sort -u) <(sort -u "$history_dir/known_attackers_${yesterday}.txt") 2>/dev/null | wc -l || echo 0)
if [ "$repeat_attackers" -gt 0 ]; then
echo -e "${RED}🔄 REPEAT ATTACKERS: $repeat_attackers IPs from yesterday${NC}"
fi