Is there a way to remove CSF IPs (automatically using bash) that have comment # do not delete
append to it? For example this list below:
1.1.1.1 # do not delete
1.2.3.4 # This is another IP # do not delete
1.2.3.5 # This IP is bad # do not delete
If I remove the IP 1.1.1.1
using CSF like this:
csf -dr 1.1.1.1
I will get this error:
csf: 1.1.1.1 set as "do not delete" - not removed
Of course I can remove this IP perfectly by editing csf.deny and manually remove that comment line # do not delete
, then when I run csf -d 1.1.1.1
it will get deleted.
Does CSF has this option to force remove this entry or is there alternative way to do this automatically via bash script? There are more than few hundred entries that have this # do not delete
. So, this is not easy to do manually.
You can use grep command without using csf -dr
:
#!/bin/bash
# Find IP:
ip="1.1.1.1"
search_csf_ip_without_comment=$(grep -w "^${ip}" "/etc/csf/csf.deny")
# If IP found:
if [[ -n "${search_csf_ip_without_comment}" ]]; then
echo "IP found, remove and restarting csf ..."
grep -wv "^${ip}" "/etc/csf/csf.deny" >write.tmp && mv write.tmp "/etc/csf/csf.deny"
csf -r > /dev/null
else
echo "IP not found"
fi