cschantz/Linux-Server-Management-Toolkit
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Fix ip_data consolidation: skip ip_data file itself and remove local keyword

Browse Source
This commit is contained in:
cschantz
2025-11-14 20:47:29 -05:00
parent c859c6a6df
commit e32ea3ec79
1 changed files with 22 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files
modules/security/live-attack-monitor.sh
+22 -6
View File
@@ -1178,7 +1178,12 @@ monitor_ssh_attacks() {
fi fi
# Process as BRUTEFORCE attack # Process as BRUTEFORCE attack
local current_data="${IP_DATA[$ip]:-0|0|human||0|0}" # Read from file (subshells can't access IP_DATA array)
local ip_file="$TEMP_DIR/ip_${ip//\./_}"
local current_data="0|0|human||0|0"
if [ -f "$ip_file" ]; then
current_data=$(cat "$ip_file")
fi
IFS='|' read -r score hits bot_type attacks ban_count rep_score <<< "$current_data" IFS='|' read -r score hits bot_type attacks ban_count rep_score <<< "$current_data"
# Increment hits # Increment hits
@@ -1256,8 +1261,9 @@ monitor_ssh_attacks() {
# Cap at 100 # Cap at 100
[ $score -gt 100 ] && score=100 [ $score -gt 100 ] && score=100
# Update IP_DATA # Update ip_data file directly (subshells can't access IP_DATA array)
IP_DATA[$ip]="$score|$hits|$bot_type|$attacks|$ban_count|$rep_score" local ip_file="$TEMP_DIR/ip_${ip//\./_}"
echo "$score|$hits|$bot_type|$attacks|$ban_count|$rep_score" > "$ip_file"
# Store block reasons for CSF # Store block reasons for CSF
if [ -n "$block_reasons" ]; then if [ -n "$block_reasons" ]; then
@@ -1972,10 +1978,20 @@ while true; do
draw_live_feed draw_live_feed
draw_quick_actions draw_quick_actions
# Write IP data to temp file for auto-mitigation engine (every loop) # Consolidate IP data from individual files into ip_data file (for auto-mitigation engine)
{ {
for ip in "${!IP_DATA[@]}"; do for ip_file in "$TEMP_DIR"/ip_*; do
echo "$ip=${IP_DATA[$ip]}" [ -f "$ip_file" ] || continue
# Skip the consolidated ip_data file itself
[[ "$(basename "$ip_file")" == "ip_data" ]] && continue
# Extract IP from filename (ip_1_2_3_4 -> 1.2.3.4)
ip=$(basename "$ip_file" | sed 's/^ip_//' | tr '_' '.')
data=$(cat "$ip_file" 2>/dev/null)
if [ -n "$data" ]; then
echo "$ip=$data"
# Also update IP_DATA array for dashboard display
IP_DATA[$ip]="$data"
fi
done done
} > "$TEMP_DIR/ip_data" 2>/dev/null } > "$TEMP_DIR/ip_data" 2>/dev/null