利用SHELL脚本自动拦截DDOS攻击

#!/bin/bash 
#fix by leipore at 2014-12-18  ddos-autoprotection.sh
touch /root/back_bad_ip.txt 
time=`date +"%Y-%m-%d %H:%M:%S"` 
ar=`wc -l /root/back_bad_ip.txt |awk ‘{print $1}‘` 
sleep 1 
netstat -an |grep 80 |grep -v "STREAM"|awk ‘{print $5 }‘|sort | awk -F: ‘{print $1}‘|uniq -c |awk ‘$1 > 200 {print $1,$2}‘ > /root/bad_ip; 
cat /root/bad_ip |awk -vtime="$time" ‘{print time" | " $1" | "$2}‘ >>/root/back_bad_ip.txt 
ar2=`wc -l /root/back_bad_ip.txt |awk ‘{print $1}‘` 
for i in `awk ‘{print $2}‘ /root/bad_ip`;do 
if [ ‘$i‘ = " " ];then 
exit :q
else 
iptables -I INPUT -s $i -j DROP 
fi 
done 
sum=$[$ar2 - $ar] 
if [ "$sum" -eq 0 ];then 
exit 
else 
/usr/lib/sendmail -f 189XXXXXXX@189.c-t 214999212@qq.com -s smtp.xx.cn -u "Subject:Report" -xu 1891XXXXXXX@189.cN-xp xxxxxx -m </root/back_bad_ip.txt 
fi

#!/bin/bash

while [ 1 ]

do

sh /scripts/ddos-autoprotection.sh

sleep 30

done