mitchellkrogza · September 17, 2024 08:28
diff --git a/gistfile1.txt b/gistfile1.txt
 #!/bin/bash
 # Run this from Cron using @reboot - the script runs continiously
 # Change your email address below
 # Change pi.hole (Line 31) to your own PiHole Hostname
 # Change search terms in the array below (Line 9) to whatever words you want to monitor

 # Define the log file and search terms
 LOG_FILE="/var/log/pihole/pihole.log"
 SEARCH_TERMS="xvid|porn|hamster|gay|faphouse|boyfriend|xnxx|maletube|cock|chaturbate|stripchat|streamen|flirt|jizz|boys|2gochat|dragy|grindr|hoop|likee"
 ALERT_EMAIL="[email protected]" # Replace with your email address

 # Function to send an email alert
 send_alert() {
    echo "Send Mail"
    local found_word="$1"
    echo -e "Alert: The word '$found_word' was found in $LOG_FILE\n\n$line\n\nFrom: ${USERIP} - ${HOSTNAME}" | mail -s "Log Alert" "$ALERT_EMAIL"
    echo "Mail Sent"
 }

 # Function to monitor the log file
 monitor_log() {
    tail -f "$LOG_FILE" | while read -r line; do
        # Search for the terms in the new line (case-insensitive)
        if echo "$line" | grep -iE "$SEARCH_TERMS"; then
            # Extract the found word
            for word in $(echo "$SEARCH_TERMS" | tr "|" "\n"); do
                if echo "$line" | grep -iq "$word"; then
                    echo "Find IP"
                    echo "$line"
                    USERIP=$(echo $line | grep -E -o '(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)')
                    echo "Find Hostname"
                    HOSTNAME=$(nslookup "${USERIP}" pi.hole)
                    echo ${USERIP}
                    echo ${HOSTNAME}
                    echo "Send Email"
                    send_alert "$word"
                    echo "$word"
                    
                    # Sleep for 90 seconds to avoid immediate subsequent alerts
                    sleep 90
                    
                    # Restart the monitoring process
                    pkill -P $$ tail # Kill the current tail process
                    monitor_log # Restart the monitoring process
                fi
            done
        fi
    done
 }

 # Start monitoring the log file
 monitor_log
	#!/bin/bash
	# Run this from Cron using @reboot - the script runs continiously
	# Change your email address below
	# Change pi.hole (Line 31) to your own PiHole Hostname
	# Change search terms in the array below (Line 9) to whatever words you want to monitor

	# Define the log file and search terms
	LOG_FILE="/var/log/pihole/pihole.log"
	SEARCH_TERMS="xvid\|porn\|hamster\|gay\|faphouse\|boyfriend\|xnxx\|maletube\|cock\|chaturbate\|stripchat\|streamen\|flirt\|jizz\|boys\|2gochat\|dragy\|grindr\|hoop\|likee"
	ALERT_EMAIL="[email protected]" # Replace with your email address

	# Function to send an email alert
	send_alert() {
	echo "Send Mail"
	local found_word="$1"
	echo -e "Alert: The word '$found_word' was found in $LOG_FILE\n\n$line\n\nFrom: ${USERIP} - ${HOSTNAME}" \| mail -s "Log Alert" "$ALERT_EMAIL"
	echo "Mail Sent"
	}

	# Function to monitor the log file
	monitor_log() {
	tail -f "$LOG_FILE" \| while read -r line; do
	# Search for the terms in the new line (case-insensitive)
	if echo "$line" \| grep -iE "$SEARCH_TERMS"; then
	# Extract the found word
	for word in $(echo "$SEARCH_TERMS" \| tr "\|" "\n"); do
	if echo "$line" \| grep -iq "$word"; then
	echo "Find IP"
	echo "$line"
	USERIP=$(echo $line \| grep -E -o '(25[0-5]\|2[0-4][0-9]\|[01]?[0-9][0-9]?)\.(25[0-5]\|2[0-4][0-9]\|[01]?[0-9][0-9]?)\.(25[0-5]\|2[0-4][0-9]\|[01]?[0-9][0-9]?)\.(25[0-5]\|2[0-4][0-9]\|[01]?[0-9][0-9]?)')
	echo "Find Hostname"
	HOSTNAME=$(nslookup "${USERIP}" pi.hole)
	echo ${USERIP}
	echo ${HOSTNAME}
	echo "Send Email"
	send_alert "$word"
	echo "$word"

	# Sleep for 90 seconds to avoid immediate subsequent alerts
	sleep 90

	# Restart the monitoring process
	pkill -P $$ tail # Kill the current tail process
	monitor_log # Restart the monitoring process
	fi
	done
	fi
	done
	}

	# Start monitoring the log file
	monitor_log