cszer

banip

分类: 工作相关, 技术, shell   标签:    评论: 3   阅读:1,620 views

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
#!/bin/bash
#2014/01/02 caishzh
 
TODAY=$(date +%Y%m%d)
LOG=/home/caishzh/banip.log
ACCESSLOG=/opt/apache/logs/access-${TODAY}.log
TMPLOG=/tmp/banip_tmp.log
NOW=$(date +%Y%m%d%H%M)
TMPTIME=$(date -d "-5 minute" +%Y%m%d%H%M)
LIMIT=30
 
sed -n "/${TMPTIME}/,/${NOW}/p" $ACCESSLOG >$TMPLOG
 
grep zone_protocol.aspx?zone_id $TMPLOG |cut -d" " -f3|sort|uniq -c|awk -v limit="$LIMIT" '$1>limit{print $1,$2}' | while read times ip;
do
     if ! iptables-save|grep $ip >/dev/null && ! grep "${ip}$" /home/caishzh/whitelist >/dev/null;then
          iptables -I INPUT -s "$ip" -p tcp -m tcp --dport 80 -j DROP    
          echo "$(date +'%F %T')  $times  $ip" >>$LOG
     fi
done

除非注明,文章皆由( csz )原创,转载请标明本文地址
本文地址: http://www.cszhi.com/20140410/banip.html

04-10
2014

3 Comments for banip

发表评论