Step 1 – Install packages
$ sudo yum install -y jq curl
Step 2 – Create scripts
$ sudo cp /etc/csf/csf.deny /etc/csf/csf.deny.old
$ sudo touch /etc/csf/hasil_diff
$ sudo mkdir /etc/scripts/
$ sudo vi /etc/scripts/CheckIpBlock.sh
#!/bin/bash
#-------- [Script Check IP] --------#
# Powered by Aditya Maulana #
# 2016-10-18 19:29 #
#-----------------------------------#
#--- path csf ---#
deny_new="/etc/csf/csf.deny"
deny_old="/etc/csf/csf.deny.old"
deny_result="/etc/csf/hasil_diff"
#--- telegram ---#
USERID="124579893"
KEY="1105031800:AAHKAIf3BUEI6ErI9qONOcAF-VPUTwz0tAw"
TIMEOUT="10"
URL="https://api.telegram.org/bot$KEY/sendMessage"
DATE_EXEC="$(date "+%d %b %Y %H:%M")"
#--- bandingkan ---#
awk 'FNR==NR{a[$1]++;next}!a[$1]' $deny_old $deny_new > $deny_result
#--- kirim notif ke telegram ---#
if [ -s $deny_result ]; then
ORG=$(cat $deny_result)
TEXT="*[WEB - 192.168.0.25] Firewall*%0A IP Address berikut telah diblock oleh Firewall%3A%0A %0A $ORG %0A %0A%0A---%0AAuthor by *Aditya Maulana*"
curl -s --max-time $TIMEOUT -d "chat_id=$USERID&disable_web_page_preview=1&parse_mode=Markdown&text=$TEXT" $URL > /dev/null
#--- new diff ---#
cp $deny_new $deny_old
fi
$ sudo chmod +x /etc/scripts/CheckIpBlock.sh
Step 3 – Add to Cron
$ sudo crontab -e #--- check ip block ---# */1 * * * * /etc/scripts/CheckIpBlock.sh > /dev/null 2>&1