Removing IP’s from DenyHosts

DenyHosts will scan your auth logs and add any ip to hosts.deny trying to brute force a login. That’s great, but I feel it lacks an important feature: An easy way to remove a blacklisted ip address. So I’ve come up with a script to do it for you.

Please note, I’ve only tested this on Debian Linux and you may have to modify it to fit your operating system.

Save the following as ‘ipdenyremove’ and you’re set:

#!/bin/bash
if [[ $1 == "" ]]; then
        echo "usage: ./ipdenyremove ip-to-remove-from-denyhosts";
        exit 1;
fi

thepath="/var/lib/denyhosts/";
for x in `ls $thepath`; do
        file=$(<$thepath/$x)
        echo "$file" | {
                while read line; do
                    if [[ $line != *$1* ]]; then
                        echo $line
                    fi
                done
        } > $thepath/$x
done

hostsdeny="/etc/hosts.deny";
file=$(<$hostsdeny)
echo "$file" | {
        while read line; do
            if [[ $line != *$1* ]]; then
                echo $line
            fi
        done
} > $hostsdeny

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.