LinuxQuestions.org
Visit the LQ Articles and Editorials section
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie
User Name
Password
Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question? If it is not in the man pages or the how-to's this is the place!

Notices

Reply
 
Search this Thread
Old 02-14-2012, 04:00 AM   #1
windstory
Member
 
Registered: Nov 2008
Posts: 443

Rep: Reputation: 31
awk error


I've got this code but it shows error message.


Code:
#!/bin/bash

days=`date +%d`
hour=`date +%H`
minget=`date +%M`
min=`expr substr $minget 1 1`

num=10
printf "%sdays tried to connect to Server checking...\n" $days

for i in $(cat /var/log/messages | grep "no such user" | awk '$2 == 30 {print $3 $7}' | awk '{print $1 $3}' | awk -F: 'substr($1, 1, 2)=="'"${hour}"'" && substr($2,1,1)=='"${min}"' {print $1 $2 $3}'| awk -F['{print $2}' | awk -F] '{print $1}' |uniq -c| awk '$1 >='"${num}"' {print($2)}')
do
                iptables -A INPUT -s $i -j DROP
                echo "The attacker's IP is $i" |  mail -s "Server login script kid was detected!" mine@gmail.com
done
error message:

Quote:
awk: fatal: Unmatched [ or [^: /[{print $2}/
Please let me know how to work this code.

Thanks in advance.
 
Old 02-14-2012, 04:07 AM   #2
acid_kewpie
Moderator
 
Registered: Jun 2001
Location: UK
Distribution: Gentoo, RHEL, Fedora, Centos
Posts: 43,414

Rep: Reputation: 1966Reputation: 1966Reputation: 1966Reputation: 1966Reputation: 1966Reputation: 1966Reputation: 1966Reputation: 1966Reputation: 1966Reputation: 1966Reputation: 1966
well as the error clearly states, there is an unmatched square bracket:

Code:
awk -F['{print $2}'
it won't be matched by the one in
Code:
awk -F] '{print $1}'
as there is a pipe in the middle, making them two separate bash commands.

Oh, actually you want to use those as the field delimters... well as below, I would suggest starting from scratch really, but escape them with a \ first... -F\[ or -F'[' shoudl also work.

Last edited by acid_kewpie; 02-14-2012 at 07:16 AM.
 
1 members found this post helpful.
Old 02-14-2012, 07:14 AM   #3
grail
Guru
 
Registered: Sep 2009
Location: Perth
Distribution: Manjaro
Posts: 7,561

Rep: Reputation: 1939Reputation: 1939Reputation: 1939Reputation: 1939Reputation: 1939Reputation: 1939Reputation: 1939Reputation: 1939Reputation: 1939Reputation: 1939Reputation: 1939
Personally I think you need to completely revise your current string of commands. The repetitive nature of calling awk after awk is definitely not required.

Perhaps you could show some of your data and what it is you need to capture?

For example:
Code:
awk '$2 == 30 {print $3 $7}' | awk '{print $1 $3}'
If the first awk only prints 2 items, how is the second to print the first and third??

Last edited by grail; 02-14-2012 at 07:18 AM.
 
1 members found this post helpful.
Old 02-14-2012, 09:30 PM   #4
windstory
Member
 
Registered: Nov 2008
Posts: 443

Original Poster
Rep: Reputation: 31
grail/

Please understand I am not an programmer and did not make this code. I found at some webpage - which I forgot now - this code works to clean "/var/log/messages" file periodically.
 
Old 02-15-2012, 03:16 AM   #5
acid_kewpie
Moderator
 
Registered: Jun 2001
Location: UK
Distribution: Gentoo, RHEL, Fedora, Centos
Posts: 43,414

Rep: Reputation: 1966Reputation: 1966Reputation: 1966Reputation: 1966Reputation: 1966Reputation: 1966Reputation: 1966Reputation: 1966Reputation: 1966Reputation: 1966Reputation: 1966
No it doesn't work at all! what's the webpage?

That REALLY is not programming though... it's pretty simple sysadmin stuff.
 
1 members found this post helpful.
Old 02-19-2012, 03:34 AM   #6
windstory
Member
 
Registered: Nov 2008
Posts: 443

Original Poster
Rep: Reputation: 31
acid kewpie/

The webpage is here: http://blog.daum.net/hackeracademy/13519707.
 
Old 02-19-2012, 07:03 AM   #7
grail
Guru
 
Registered: Sep 2009
Location: Perth
Distribution: Manjaro
Posts: 7,561

Rep: Reputation: 1939Reputation: 1939Reputation: 1939Reputation: 1939Reputation: 1939Reputation: 1939Reputation: 1939Reputation: 1939Reputation: 1939Reputation: 1939Reputation: 1939
Well without being able to understand the Korean portions of the page, the line would still not work even for the original user for reasons I have already said.

How about we go back to where you explain what it is you need to be retrieving from /var/log/messages and show an example and we can help you with
something that will work?
 
1 members found this post helpful.
Old 02-20-2012, 03:19 AM   #8
windstory
Member
 
Registered: Nov 2008
Posts: 443

Original Poster
Rep: Reputation: 31
/grain

Thanks for your concerns.

Please be understood the author of this code said,

For preventing hacker's trying to connect ftp repeatedly, this code reads /var/logs/message and store data and the numbers of how many times some ftp tries to connect to the server without permission - with wrong id and password.
And this code write down ftp ip which is tyied to connect with wrong information, and automatically banned the ftp ip from ftp port if the ftp ip tries over "num" tries.

After I read this post, I thought if so this would be grate for my server's security.
 
Old 02-20-2012, 03:34 AM   #9
grail
Guru
 
Registered: Sep 2009
Location: Perth
Distribution: Manjaro
Posts: 7,561

Rep: Reputation: 1939Reputation: 1939Reputation: 1939Reputation: 1939Reputation: 1939Reputation: 1939Reputation: 1939Reputation: 1939Reputation: 1939Reputation: 1939Reputation: 1939
The theory sounds good but as I and others have pointed out, the current code will not work irrelevant of the intended solution.
 
1 members found this post helpful.
Old 02-22-2012, 06:01 PM   #10
windstory
Member
 
Registered: Nov 2008
Posts: 443

Original Poster
Rep: Reputation: 31
grail/ I appreciate for your kindness.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
[SOLVED] awk - syntax error danielbmartin Programming 9 03-14-2012 10:56 PM
AWK error in Slack 13 phongb2b Linux - Newbie 6 01-14-2010 05:14 AM
Error on awk script sebelk Programming 6 10-16-2009 07:44 AM
grep and awk error bazzano Programming 2 04-06-2009 12:01 AM
bash script read error and awk ouptut error whited Programming 4 10-16-2007 07:05 PM


All times are GMT -5. The time now is 07:11 AM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration