If you’re using a Linux solution for your DHCP server, you can use cat and grep to quickly locate the IP address of a particular host based on their hostname.

On our OpenSUSE Linux DHCP server, the DHCP lease file is stored at /var/lib/dhcp/db/dhcpd.leases. CentOS/Red Hat Enterprise Linux has the lease file at the same path minus the “db” directory, so it is at /var/lib/dhcp/dhcpd.leases.

If we run a tail or cat on that log file, we can see some examples of a lease:

    tail -27 /var/lib/dhcp/db/dhcpd.leases

This command will display the last 27 lines of the specified file, which happens to be the lease file in this case. There are three leases for three different hosts shown above. Depending on your network there may be hundreds of leases, if not more, so searching through them manually is a pain.

Now that we know the format of the leases, we can use cat, pipe it to grep with some arguments, and find the IP address of a particular host using the hostname. Here’s the command we will use:

    cat /var/lib/dhcp/db/dhcpd.leases | grep Bilbo -B 7 -A 1

In this command, cat will display the entire contents of a file on the screen, but then using the special character “pipe” (seen between “leases” and “grep”), we send the output of the cat command to the grep command. grep will print the entire line containing any string (text) that matches the string we supply. In this case, we have supplied the string, “Bilbo”, since that is the hostname we are hypothetically looking for.

Without the -B 7 and -A 1 arguments, the output of the command would be only a single line:

But since we did use -B 7 and -A 1 arguments, we will receive the client-hostname line along with the 7 lines immediately above it and the 1 line directly below it:

The curly bracket below the client-hostname line isn’t exactly important information–I’m just showing an example using both the -A and -B arguments.

Finally, we’ll see how to display only the information we are looking for: the hostname and the IP address. What we need to do is use a grep command to match two different strings instead of just one. For that, we will use egrep, a special use of grep which allows us to use regular expressions. The command looks like this:

    cat /var/lib/dhcp/db/dhcpd.leases | grep Bilbo -B 7 -A 1 | egrep 'Bilbo|lease'

It is the same command until the second pipe, where we use egrep to match both “Bilbo” and “lease”.

In the past I had issues securing my server, so with the help of people here I built a script that alerts me when there is unauthorized access/attempt to my FreePBX. I would like to take it one step further by including any unauthorized (attempt) registration to an extension not part of my trusted IP list.

    #access monitoring authorized, denied and failed
    accessip=`sudo cat /var/log/httpd/access_log | awk '" > /tmp/acceessmonitor/failedauthip.txt
    cat /tmp/acceessmonitor/uniqueaccessip.txt /tmp/acceessmonitor/uniquedeniedip.txt /tmp/acceessmonitor/failedpasswordip.txt /tmp/acceessmonitor/failedauthip.txt > /tmp/acceessmonitor/accessmonit$
    a=`comm -23 <(sort /tmp/acceessmonitor/accessmonitor1.txt) <(sort /tmp/acceessmonitor/accessmonitor2.txt) | wc -l`
    b=`comm -23 /tmp/acceessmonitor/accessmonitor1.txt /tmp/acceessmonitor/accessmonitor2.txt`
    cp /tmp/acceessmonitor/accessmonitor1.txt /tmp/acceessmonitor/accessmonitor2.
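Returning to the DHCP lease lookup: the `grep Bilbo -B 7` form depends on the lease line sitting exactly 7 lines above `client-hostname`, and it also matches any hostname that merely contains "Bilbo". The function below is an added example, not code from the original page; it reads the file block by block and compares the whole hostname. The names `lease_ip_for_host` and `sample_leases` are hypothetical, the sample data is constructed, and it assumes later blocks in the file are newer because dhcpd appends to the lease file.

```shell
# Constructed sample in dhcpd.leases format (addresses, MACs and dates are invented).
sample_leases() {
cat <<'EOF'
lease 192.168.1.50 {
  starts 2 2024/01/02 08:00:00;
  ends 2 2024/01/02 16:00:00;
  cltt 2 2024/01/02 08:00:00;
  binding state free;
  next binding state free;
  hardware ethernet 00:00:5e:00:53:01;
  client-hostname "Bilbo";
}
lease 192.168.1.61 {
  starts 3 2024/01/03 09:00:00;
  ends 3 2024/01/03 17:00:00;
  binding state active;
  hardware ethernet 00:00:5e:00:53:02;
  client-hostname "Bilbo-laptop";
}
lease 192.168.1.77 {
  starts 3 2024/01/03 10:00:00;
  ends 3 2024/01/03 18:00:00;
  binding state active;
  hardware ethernet 00:00:5e:00:53:01;
  client-hostname "Bilbo";
}
EOF
}

# lease_ip_for_host FILE HOSTNAME
# Prints the IP of the last lease block whose client-hostname equals HOSTNAME
# (case-insensitive, whole name). Returns 1 if no block matches.
lease_ip_for_host() {
    awk -v want="$2" '
        $1 == "lease" && $3 == "{" { ip = $2; host = "" }    # block start: remember the IP
        $1 == "client-hostname" {
            host = $0
            sub(/^[ \t]*client-hostname[ \t]+"/, "", host)   # drop keyword and opening quote
            sub(/";[ \t]*$/, "", host)                        # drop closing quote and semicolon
        }
        $1 == "}" {                                           # block end: compare the whole name
            if (ip != "" && tolower(host) == tolower(want)) found = ip
            ip = ""
        }
        END { if (found == "") exit 1; print found }
    ' "$1"
}
```

On the sample data a lookup for `Bilbo` returns only the newest block's address, whereas the grep pipeline would print the expired `Bilbo` lease and the `Bilbo-laptop` lease as well.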