利用shell自动将异常IP加入iptables黑名单
#!/bin/bashnetstat -na | grep ESTAB | awk '{print $5}' | awk -F: '{print $1}' | egrep -v '192.168|127.0' | uniq -c | awk '{if($2!=null && $1>1){print $2}}' > /root/dropip.txt
for i in $(cat /root/dropip.txt)
do
/sbin/iptables -A INPUT -s $i -j DROP
echo "$i" >> /root/dropip.log
done
页:
[1]