SHELL脚本实现拦截DDOS***
一个很实用的iptables脚本,实现自动拒绝可疑IP地址,并发送报警邮件,短信linux:~ # catiptables
#!/bin/bash
touch /root/back_bad_ip.txt
time=`date +"%Y-%m-%d %H:%M:%S"`
ar=`wc -l /root/back_bad_ip.txt |awk '{print $1}'`
sleep 1
#红色自己改有端口, SYN_RECV等
netstat -an |grep 80 |grep -v "STREAM"|awk '{print $5 }'|sort | awk -F: '{print $1}'|uniq -c |awk '$1 > 100 {print $1,$2}' > /root/bad_ip ;
cat bad_ip |awk -vtime="$time" '{print time" | " $1" | "$2}' >>/root/back_bad_ip.txt
ar2=`wc -l /root/back_bad_ip.txt |awk '{print $1}'`
for i in `awk '{print $2}' /root/bad_ip`
do
iptables -I INPUT -s $i -j DROP
done
i1=`echo "$ar2-$ar" |bc `
tail0=`tail -n $i1 /root/back_bad_ip.txt`
for i2 in `echo "$ar2-$ar" |bc`
do
if ([ $i2 -gt 0]&&[ $i2 -lt 5 ]) ; then
sendmail -t
页:
[1]