From 6c4778abba1a4ee49a412c3b2f0be54cb9025b03 Mon Sep 17 00:00:00 2001 From: CREATIVE_tg1 Date: Wed, 15 Apr 2026 10:52:22 +0000 Subject: [PATCH] =?UTF-8?q?=D0=9E=D0=B1=D0=BD=D0=BE=D0=B2=D0=B8=D1=82?= =?UTF-8?q?=D1=8C=20server/motd-info.sh?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- server/motd-info.sh | 74 +++++++++++++++++++++++++++------------------ 1 file changed, 44 insertions(+), 30 deletions(-) diff --git a/server/motd-info.sh b/server/motd-info.sh index 313540e..1be98ff 100644 --- a/server/motd-info.sh +++ b/server/motd-info.sh @@ -15,7 +15,7 @@ CYAN="\033[0;36m" RESET="\033[0m" MEM_STAT=$(free -m | awk '/^Mem:/{printf "%.1f/%.1f МБ", $3, $2}') -LOAD_AVG=$(cat /proc/loadavg | awk '{print $1 " " $2 " " $3}') +LOAD_AVG=$(awk '{print $1 " " $2 " " $3}' /proc/loadavg) if command -v sensors &>/dev/null && sensors | grep -iP "Core|temp1" >/dev/null; then CPU_TEMP=$(sensors | grep -iP "Core|temp1" | head -n1 | awk '{print $NF}') elif [[ -r /sys/class/thermal/thermal_zone0/temp ]]; then @@ -26,42 +26,50 @@ else fi DISK_STAT=$(df -h / | awk 'NR==2{printf "%s/%s (свободно/всего)", $4, $2}') -AUTHLOG="" -if [[ -f /var/log/auth.log ]]; then - AUTHLOG="/var/log/auth.log" -elif [[ -f /var/log/secure ]]; then - AUTHLOG="/var/log/secure" -fi - -DATE_24H_AGO=$(date --date="24 hours ago" "+%b %-d") -CURRENT_DATE=$(date "+%b %-d") +# Английская локаль для дат +DATE_24H_AGO=$(LC_TIME=C date --date="24 hours ago" "+%b %-d") +CURRENT_DATE=$(LC_TIME=C date "+%b %-d") HOUR_24H_AGO=$(date --date="24 hours ago" "+%H") CURRENT_HOUR=$(date "+%H") -extract_lines_24h() { - awk -v d1="$DATE_24H_AGO" -v d2="$CURRENT_DATE" -v h1="$HOUR_24H_AGO" -v h2="$CURRENT_HOUR" ' - { - line_date = $1 " " $2 - line_hour = substr($3,1,2) - if (line_date == d1 && line_date != d2) { - if (line_hour >= h1) print $0 +get_recent_logs() { + local AUTHLOG="" + if [[ -f /var/log/auth.log ]]; then + AUTHLOG="/var/log/auth.log" + elif [[ -f /var/log/secure ]]; then + AUTHLOG="/var/log/secure" + fi + + if [[ -n "$AUTHLOG" ]]; then + awk -v d1="$DATE_24H_AGO" -v d2="$CURRENT_DATE" -v h1="$HOUR_24H_AGO" -v h2="$CURRENT_HOUR" ' + { + line_date = $1 " " $2 + line_hour = substr($3,1,2) + if (line_date == d1 && line_date != d2) { + if (line_hour >= h1) print $0 + } + else if (line_date == d2) { + if (line_hour <= h2) print $0 + } + else if (line_date > d1 && line_date < d2) { + print $0 + } } - else if (line_date == d2) { - if (line_hour <= h2) print $0 - } - else if (line_date > d1 && line_date < d2) { - print $0 - } - } - ' "$AUTHLOG" + ' "$AUTHLOG" + elif command -v journalctl &>/dev/null; then + journalctl -u ssh -u sshd --since "24 hours ago" --no-pager 2>/dev/null + fi } FAILED_IPS="" SUCCESS_IPS="" -if [[ -n $AUTHLOG ]]; then - RECENT_LOG=$(extract_lines_24h) - FAILED_IPS=$(echo "$RECENT_LOG" | grep "Failed password" | awk '/from/ {print $(NF-3)}' | sort | uniq -c | sort -nr | head -n 10 | awk '{printf "%s: %s\n", $2, $1}') - SUCCESS_IPS=$(echo "$RECENT_LOG" | grep "Accepted password" | awk '/from/ {print $(NF-3)}' | sort | uniq -c | sort -nr | head -n 10 | awk '{printf "%s: %s\n", $2, $1}') + +RECENT_LOG=$(get_recent_logs) + +if [[ -n "$RECENT_LOG" ]]; then + # Ищем любые попытки ("Failed" и "Accepted") и корректно достаем IP (после слова "from") + FAILED_IPS=$(echo "$RECENT_LOG" | grep "Failed " | awk '{for(i=1;i<=NF;i++) if($i=="from") print $(i+1)}' | sort | uniq -c | sort -nr | head -n 10 | awk '{printf "%s: %s\n", $2, $1}') + SUCCESS_IPS=$(echo "$RECENT_LOG" | grep "Accepted " | awk '{for(i=1;i<=NF;i++) if($i=="from") print $(i+1)}' | sort | uniq -c | sort -nr | head -n 10 | awk '{printf "%s: %s\n", $2, $1}') fi echo -e "\n\n\n${BLUE}============ Состояние сервера ============${RESET}" @@ -84,8 +92,14 @@ else echo "Нет успешных входов за 24 часа." fi -echo -e "\n${GREEN}Вы успешно вошли как ${USER} с IP: $(echo $SSH_CONNECTION | awk '{print $1}')${RESET}" +if [[ -n "$SSH_CONNECTION" ]]; then + CURRENT_IP=$(echo $SSH_CONNECTION | awk '{print $1}') + echo -e "\n${GREEN}Вы успешно вошли как ${USER} с IP: ${CURRENT_IP}${RESET}" +else + echo -e "\n${GREEN}Вы успешно вошли как ${USER} (Локальный вход)${RESET}" +fi echo -e "${BLUE}=============================================${RESET}" + EOF chmod +x "$TARGET_PATH"