From owner-freebsd-questions@FreeBSD.ORG Sun Jun 14 23:55:22 2015 Return-Path: Delivered-To: freebsd-questions@hub.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 5180BFD1 for ; Sun, 14 Jun 2015 23:55:22 +0000 (UTC) (envelope-from freebsd@edvax.de) Received: from mx02.qsc.de (mx02.qsc.de [213.148.130.14]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 11757909 for ; Sun, 14 Jun 2015 23:55:21 +0000 (UTC) (envelope-from freebsd@edvax.de) Received: from r56.edvax.de (port-92-195-111-193.dynamic.qsc.de [92.195.111.193]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by mx02.qsc.de (Postfix) with ESMTPS id E59DF24CB8; Mon, 15 Jun 2015 01:55:17 +0200 (CEST) Received: from r56.edvax.de (localhost [127.0.0.1]) by r56.edvax.de (8.14.5/8.14.5) with SMTP id t5ENtGPq002079; Mon, 15 Jun 2015 01:55:17 +0200 (CEST) (envelope-from freebsd@edvax.de) Date: Mon, 15 Jun 2015 01:55:16 +0200 From: Polytropon To: "Lt. Commander" Cc: Subject: Re: Script question Message-Id: <20150615015516.b3ea7633.freebsd@edvax.de> In-Reply-To: References: <557B8484.9060405@gmail.com> <557C6DED.9070105@gmail.com> Reply-To: Polytropon Organization: EDVAX X-Mailer: Sylpheed 3.1.1 (GTK+ 2.24.5; i386-portbld-freebsd8.2) Mime-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.20 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 14 Jun 2015 23:55:22 -0000 On Sun, 14 Jun 2015 15:07:18 -0500, Lt. Commander wrote: > I know it's ugly..... but places a list of the IPs in a file plus sends me a > message with the same list. Yes, it is ugly, but will probably work fine. :-) Allow me a few comments: > #!/bin/sh > cd /var/log Use absolute file names - you're accessing /var/log/maillog only once. > grep -i spam=YES maillog > spam.tmp && \ Don't write temporary files to /var/log, use /tmp instead. > awk '{print $11}' spam.tmp | sort | uniq > spam-hi && \ You could omit the spam.tmp file and output the grep result into awk directly, or maybe better, use awk's pattern matching. Then you would have something like this: grep -i "spam=YES" /var/log/maillog | awk '{print $11}' | sort | uniq | sed -e 's/^.*=//' > /tmp/spam-ip.txt Or if you want to omit the grep call: awk '/spam=YES/ {print $11}' /var/log/maillog | sort | uniq | sed -e 's/^.*=//' > /tmp/spam-ip.txt And then continue: cat /tmp/spam-ip.txt >> /usr/samba/mail/envelope cat /tmp/spam-ip.txt | mail -s "SPAM IPs...." us.navy@outlook.com Finally, you can easily remove /tmp/spam-ip.txt. The sort | uniq step is a very interesting and useful one. Good idea! Have a look at "man sort" if sort -g fits your needs better than the default, which I think is -n. -- Polytropon Magdeburg, Germany Happy FreeBSD user since 4.0 Andra moi ennepe, Mousa, ...