Merge pull request #1554 from iasdeoupxe/patch-1

host-deny.sh: Move duplicate entry check into the add action
ossec · Oct 9, 2018 · e68ba6a · e68ba6a
2 parents c7a3850 + 955af3c
commit e68ba6a
Showing 1 changed file with 3 additions and 11 deletions.
diff --git a/active-response/host-deny.sh b/active-response/host-deny.sh
@@ -93,19 +93,11 @@ if [ ! $? = 0 ]; then
 fi
 
 
-# Looking for duplication
-IPKEY=$(grep -w "${IP}" /etc/hosts.deny)
-if [ ! -z "$IPKEY" ]
-then
-    IPKEY="1"
-else
-    IPKEY="0"
-fi
-
-
 # Adding the ip to hosts.deny
 if [ "x${ACTION}" = "xadd" ]; then
-    if [ "$IPKEY" -eq "1" ]; then
+    # Looking for duplication
+    IPKEY=$(grep -w "${IP}" /etc/hosts.deny)
+    if [ ! -z "$IPKEY" ]; then
         echo "IP ${IP} already exists on host.deny..." >> ${PWD}/../logs/active-responses.log
         exit 1
     fi