国产探花免费观看_亚洲丰满少妇自慰呻吟_97日韩有码在线_资源在线日韩欧美_一区二区精品毛片,辰东完美世界有声小说,欢乐颂第一季,yy玄幻小说排行榜完本

首頁(yè) > 網(wǎng)站 > 建站經(jīng)驗(yàn) > 正文

centos redhat系列對(duì)抗ddos之居家必備利器 banip.txt

2019-11-02 16:16:27
字體:
來(lái)源:轉(zhuǎn)載
供稿:網(wǎng)友
復(fù)制代碼 代碼如下:

##############################################

#version="20100718"

#author="phpsir"

#author_email="phpsir@phpsir.com"

##############################################

maxnum=50

runmin_max=300

#runmin_max is clear time

ipfile="/tmp/80link.txt"

banip_data_file="/root/banip_data.txt"

ipopenfile="/root/openip.txt"

nsfile="/tmp/netstat80.txt"

myip=`/sbin/ifconfig eth0 | grep inet | awk '{print $2}' | sed 's/addr://' | grep .`

if [ ! -f $ipopenfile ]

then

echo "init $ipopenfile"

touch $ipopenfile

fi

if [ -f $banip_data_file ]

then

source $banip_data_file

echo "last runtime=$runtime"

else

echo "init $banip_data_file"

echo 'runtime='`date "+%s"` > $banip_data_file

source $banip_data_file

runmin_max=-1

fi

echo "start shell" `date "+%Y-%m-%d %H:%M:%S"`

runmin=$((`date "+%s"`-$runtime))

if [ $runmin -gt $runmin_max ]

then

echo $runmin "is bigger than " $runmin_max

echo "clear ips"

/sbin/iptables -F

echo 'runtime='`date "+%s"` > $banip_data_file

else

echo $runmin "is lowwer than " $runmin_max

fi

netstat -an | grep "$myip:80" > $nsfile

echo "Total Links = " `cat $nsfile | wc -l `

echo "Total Links ESTABLISHED = " `cat $nsfile | grep ESTABLISHED | wc -l `

echo "Total Links SYNC = " `cat $nsfile | grep SYN | wc -l `

cat $nsfile | awk '{print $5}' | awk -F: '{print $1}' | sort|uniq -c|sort -rn | head -n 10 > $ipfile

cat $ipfile | while read oneline

do

ip=`echo $oneline | cut -d " " -f 2`

num=`echo $oneline | cut -d " " -f 1`

str="$ip has linked $num "

banme="yes"

for allowip in `cat $ipopenfile`

do

echo $ip | grep $allowip > /dev/null

if [ $? -eq 0 ]

then

banme="no"

echo $allowip "banme = " $banme

/sbin/iptables -D INPUT -p tcp -s $ip -d $myip --dport 80 -j REJECT > /dev/null 2>&1

continue

fi

done

if [ $banme = "yes" ]

then

if [ $num -gt "$maxnum" ]

then

/sbin/iptables -L -n | grep "$ip" >/dev/null

status=`echo $?`

if [ $status -eq 1 ]

then

echo "deny $ip ,because $str "

/sbin/iptables -A INPUT -p tcp -s $ip -d $myip --dport 80 -j REJECT

echo "BAN " $ip " OK "

#/sbin/iptables -L -n | grep "$ip"

else

echo > /dev/null

#echo "$str alread reject"

fi

else

echo > /dev/null

#echo "$str $ip ok ,less $maxnum "

fi

fi

done

echo "stop shell" `date "+%Y-%m-%d %H:%M:%S"`

發(fā)表評(píng)論 共有條評(píng)論
用戶名: 密碼:
驗(yàn)證碼: 匿名發(fā)表
主站蜘蛛池模板: 七台河市| 双柏县| 万全县| 桓台县| 清流县| 广河县| 濉溪县| 南木林县| 休宁县| 海原县| 云南省| 石首市| 额济纳旗| 盘锦市| 青川县| 北京市| 涟源市| 吕梁市| 黄浦区| 齐齐哈尔市| 青河县| 乌拉特前旗| 昂仁县| 贵州省| 万盛区| 宣城市| 杭锦旗| 乌拉特后旗| 工布江达县| 栾川县| 丰台区| 林甸县| 平潭县| 楚雄市| 盐池县| 高阳县| 平乡县| 广安市| 伊吾县| 泰和县| 阳泉市|