> On Dec 2, 2016, at 1:30 AM, @lbutlr <krem...@kreme.com> wrote:
>
> I have a bash script that does it, and when a user wants this, I simply set
> up a crontab for them. Usually after a week or so they want it turned off.
> The script sends them a lightly styled HTML table in the email.
>
> The heart of the script is:
>
> if [ "$REJECT" = 1 ]; then
> echo '<tr><th> </th><th>IP address</th><th>Claimed address</th></tr>'
> bzgrep "$MATCHPAT" $LOGF | grep -i reject | egrep 'from=<[^>]+>' | grep -v
> "Protocol error" | \
> grep -v "$EXCLUDE" | sort -u | sed 's/from=<//' | tr -d '>,[]:' | grep -v
> rejected | \
> awk '{print "<tr><td class=\"rej\">REJECTED</td><td
> class=\"right\">"$16"</td><td>"$20"</td></tr>"}'
> fi
Careful with that. To easy to create a script injection vector. Bash is not
a good language in which to construct safely quoted remote content for injection
into a suitable HTML skeleton.
--
Viktor.
