防止DoS攻击

1.脚本

#!/bin/bash
#Date:2020-01-6
#Function:Prevent DDos attack
# Log file to analyse, taken from the first command-line argument.
file="${1}"
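#######################################
# Check that the given file name ends in ".log".
# Arguments: $1 - file name to check
# Outputs:   usage line on stderr when the name is not a *.log name
# Returns:   0 if the name ends in ".log", 1 otherwise
#######################################
JudgeExt(){
  # Match the whole name so the ".log" suffix is anchored at the end;
  # a prefix-only match would also accept names such as "x.log.bak".
  if [[ "$1" == *.log ]]; then
    return 0
  fi
  # Diagnostics go to stderr and the status is non-zero so a caller can stop
  # instead of scanning a file of the wrong type.
  printf 'usage:%s xxx.log\n' "$0" >&2
  return 1
}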
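#######################################
# Count ESTABLISHED lines per address and keep the five busiest.
# Arguments: $1 - log file to scan
# Outputs:   writes "<count> <address>" lines, highest count first, to
#            /tmp/tmp.log (main reads that file back)
#######################################
IpCount(){
  # awk splits each line on runs of spaces and colons and counts the field
  # $(NF-3), i.e. the fourth field from the end. Presumably that is the remote
  # address of a netstat-style line - confirm against the real log format.
  #
  # NOTE(review): /tmp/tmp.log is a fixed, guessable path, and the script
  # inserts iptables rules, so it presumably runs as root. A file or symlink
  # pre-created at that path by another local user could redirect or influence
  # this output. A mktemp-created file shared with main would be safer; the
  # path is kept here because main reads exactly this file.
  #
  # "head -n 5" is required: a bare "head 5" treats 5 as a file name.
  grep -- "ESTABLISHED" "$1" \
    | awk -F "[ :]+" '{ ++S[ $(NF-3) ] } END { for (key in S) print S[key], key }' \
    | sort -rn -k1 \
    | head -n 5 > /tmp/tmp.log
}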
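#######################################
# Insert an INPUT DROP rule for one source address unless it already exists,
# and record the action in a dated drop list.
# Arguments: $1 - IPv4 address to block
# Outputs:   appends "<ip> is dropped" to /tmp/droplist_YYYY-MM-DD.log;
#            diagnostics on stderr
# Returns:   0 if the rule exists or was added, 1 on a rejected value or
#            when iptables fails to insert the rule
#######################################
Ipt(){
  local ip=$1
  local -r ipv4_re='^([0-9]{1,3}\.){3}[0-9]{1,3}$'

  # The value is parsed out of a log file, so treat it as untrusted: anything
  # that is not a plain dotted quad must never reach the iptables command line.
  if [[ ! "$ip" =~ $ipv4_re ]]; then
    printf 'Ipt: refusing non-IPv4 value: %q\n' "$ip" >&2
    return 1
  fi

  # -C checks for this exact rule. Grepping the "iptables -L -n" listing would
  # match substrings (1.2.3.4 inside 11.2.3.45) and treat dots as wildcards,
  # so an unrelated rule could suppress the block.
  if ! iptables -C INPUT -s "$ip" -j DROP 2>/dev/null; then
    iptables -I INPUT -s "$ip" -j DROP || return 1
    # %F gives YYYY-MM-DD; the address is logged from the function's own
    # argument rather than from a variable of the caller.
    # NOTE(review): the drop list lives at a predictable path under /tmp and
    # is appended to by a privileged process; a root-owned log directory
    # would avoid symlink tricks by other local users.
    echo "$ip is dropped" >> "/tmp/droplist_$(date +%F).log"
  fi
}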
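#######################################
# Every 60 seconds, rebuild the per-address connection counts from the log
# file and block each address that has more than 3 ESTABLISHED entries.
# Globals:   file (read) - log file given on the command line
# Returns:   1 if the file name is rejected by JudgeExt; otherwise loops
#            until the script is killed
#######################################
main(){
  local line count ip

  # Stop when the argument check reports a failure instead of looping over
  # a file of the wrong type.
  JudgeExt "$file" || return 1

  while true; do
    IpCount "$file"
    # Each line of /tmp/tmp.log is "<count> <address>".
    while read -r line; do
      read -r count ip _ <<< "$line"
      # Skip anything that is not "<number> <address>" so a malformed line
      # cannot break the numeric test or reach Ipt.
      [[ "$count" =~ ^[0-9]+$ && -n "$ip" ]] || continue
      # NOTE(review): a threshold of 3 connections is low; clients behind a
      # shared NAT or proxy, or an administrator's own sessions, can exceed
      # it. Nothing in this script removes a rule once added, so consider an
      # allowlist of management addresses before running it unattended.
      if [ "$count" -gt 3 ]; then
        Ipt "$ip"
      fi
    done < /tmp/tmp.log
    sleep 60
  done
}
main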

