Anysome

Appearance

PV过量自动实现防火墙封IP

shell
#!/bin/bash

log=/tmp/tmp.log

[ -f $log ] || touch $log

function add_iptales()
{
    while read line
    do
        ip=`echo $line |awk '{print $2}'`
        count=`echo $line |awk '{print $1}'`
            if [ $count -gt 100 ] && [ `iptables -L -n |grep "$ip" |wc -l` -lt 1 ]
                then
                    iptables -I INPUT -s $ip -j DROP echo -e "$list isdropped">>/tmp/droplist.log
            fi
    done<$log
}

function main()
{
    while true
    do
        netstat -an|grep "EST" |awk -F '[:]+' '{print $6}'|sort |uniq -c >$log
        add_iptales
        sleep 180
    done
}

main

Copyright © 2019-2025