#! /Bin/sh # varnish cut the log every other day
/Usr/sbin/ntpdate 202.112.10.36>/dev/null
Logpath =/data/logs
If [-F $ logpath/varnish. Log]; then
MV $ logpath/varnish. Log $ logpath/varnish. 'date "+ % Y-% m-% d" '. Log
Killall-9 varnishncsa
/Usr/bin/varnishncsa-N/var/lib/Varnish/varnish01.example.com/-W/data/logs/varnish. log &
Fi
# Analyze varnishi access logs to prevent CC crawlers. varnish logs must be cut once a day, and the script is executed in an endless loop mode. Each execution will sleep for an hour and more than accesses will be obtained within an hour, and the HTTP response code is 4xx IP
#! /Bin/sh
While true
Do
Num = 100 #
Varnishlog = "/data/logs/varnish. log "#
For I in 'tac $ varnishlog | awk' begin {"date-d \"-60 minute \ "+ \" % H: % m: % s \ "" | Getline hour1ago} {If (substr ($4, 14)> hour1ago & $9 ~ "4 .. ") print} '| awk' {print $1} '| sort | uniq-c | sort-Rn | awk-v count = $ num' {if ($1> count) {print $2 }}''
Do
Iptables-I input-p tcp-S $ I -- dport 80-J drop # Drop
Done
Sleep 3600 # Sleep 1 hous
Iptables-F # Clear iptables
Done
650) This. width = 650; "src =" http://s3.51cto.com/wyfs02/M02/38/17/wKiom1OyhI3DtD_rAABLsebzf74061.png "Title =" varnish. PNG "alt =" wkiom1oyhi3dtd_raablsebzf74061.png "/>
This article is from the "crazy_linux" blog, please be sure to keep this http://mkernel.blog.51cto.com/8015041/1433141