Problemer med script.

Hej exp.

Jeg bruger følgende script til at blokere for ip adresser der prøver at logge ind på min server via ssh:

theoracle:/var/banscript# cat intruderscript.pl
#!/usr/bin/perl
        use Date::Format;
        use Sys::Syslog;

        # Intruder log file in /var/log to write in if we have future attacks
        $intruderlog="intruder_alert";

        $backup=0;
        $tmp=`grep "sshd" /var/log/auth.log|grep "Illegal user"|awk -F" " '{print \$8,\$10,\$6,\$7}'|uniq -c -f 1`;
        @tmpline = split(/\n/,$tmp);
        foreach $tmp (@tmpline) {
                $_=$tmp;
                if (/.(\d+)/) {
                        $nr=$1;
                if (/.\d+.[a-z|0-9]+.\:\:ffff\:([a-z|0-9|\:|\.]+)/) {
                        $client=$1;
                if ($nr>10) {
                        &action;
                }
                }
                }
        }
        exit;

sub action {
        $deny="/etc/hosts.deny";
        $chk=`grep " $client " $deny|wc -l`;
        if ($chk==0) {
                print time2str("%Y%m%d.%H%M%S",time)." - SSH attack - $client - $nr \"Illegal user\" detected\n";
                $line=$_;
                $line =~ s/^\s+//;
                &actionbackup;
                open (F,">>/etc/hosts.deny") || die "Can't open /etc/hosts.deny: $!\n";
                print F "ALL: $client : spawn /bin/echo `/bin/date` - ban ssh - %c - %d >> /var/log/$intruderlog\n";
                close (F);
                syslog("auth|info","$0: $client banned");
        }
}

sub actionbackup {
        if ($backup<1) {
                $backupcmd="/etc/!backup/hosts.deny.".time2str("%Y%m%d.%H%M%S",time);
                $backupcmd=`cp /etc/hosts.deny $backupcmd`;
                $backup=1;
        }
}

Min crontab -e ser således ud:

# m h  dom mon dow  command
*/3 * * * * root if [ -x /var/banscript/intruderscript.pl ]; then; /var/banscript/intruderscript.pl >>/var/banscript/log/intruderscript.log; fi

Der bliver ikke skrevet noget til /etc/hosts.deny.

Når jeg prøver at køre scriptet med ./intruderscript får jeg følgende:

theoracle:/var/banscript# ./intruderscript.pl
perl: warning: Setting locale failed.
perl: warning: Please check that your locale settings:
        LANGUAGE = (unset),
        LC_ALL = (unset),
        LC_CTYPE = "da_DK.iso8859-1",
        LANG = "da_DK ISO-8859-1"
    are supported and installed on your system.
perl: warning: Falling back to the standard locale ("C").
theoracle:/var/banscript#             

Har prøvet at rette fejlen, men det er ikke lykkedes mig så godt. Men burde den ikke køre scriptet alligevel?