标签:屏蔽ip ip黑名单
#!/bin/bash
netstat -an|grep 80 |awk -F[:‘ ‘]+ ‘{print $6}‘ |sort -rn |uniq -c|awk ‘{ if($1>=25)print $2}‘>/tmp/dropip
#netstat -an|grep EST |awk -F[:‘ ‘]+ ‘{print $6}‘ |sort -rn |uniq -c |sort -rn |head -10 |awk ‘{ if($1>15)print $2}‘>/tmp/dropip
for i in $(cat /tmp/dropip|grep -v ‘127.0.0.1‘)
do
/sbin/iptables -I INPUT -p tcp --dport 80 -s $i -j DROP
echo "$i kill at `date`" >>/var/log/gua_ip.txt
done本文出自 “apache323” 博客,请务必保留此出处http://apache323.blog.51cto.com/6134209/1692451
标签:屏蔽ip ip黑名单
原文地址:http://apache323.blog.51cto.com/6134209/1692451
