##############################################
#version = "20100718"
#author = "Phpsir"
#author_email = "Phpsir@phpsir.com"
##############################################
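# Connection-count limiter for the web port: counts connections per remote
# IPv4 address to $myip:$port and installs a REJECT rule for every address
# above $maxnum, unless the address is on the allow list in $ipopenfile.
# The ban list is cleared every $runmin_max seconds. Needs root (iptables,
# state under /root).
#
# NOTE(review): the published listing was damaged (keywords capitalised,
# backticks and awk field numbers lost). The field numbers below were
# restored from the ifconfig/netstat column layout - confirm against the
# output on the target host.
# NOTE(review): a per-address threshold also hits proxies and NAT gateways
# that carry many legitimate clients; put those on the allow list.

set -fu   # -f: allow-list entries are word-split below and must never glob

maxnum=50            # ban once a source holds more than this many connections
runmin_max=300       # seconds between clears of the ban list
port=80              # local TCP port being protected
topn=20              # top talkers inspected per run; the count was lost from
                     # the listing, 20 is an assumed value - adjust as needed
ban_chain="BANIP"    # dedicated chain for this script's rules (name chosen here)

banip_data_file="/root/banip_data.txt"
ipopenfile="/root/openip.txt"

# Scratch files live in a private directory: fixed names under /tmp, written
# by root, can be pre-created as symlinks by any local user.
workdir=$(mktemp -d) || { echo "mktemp failed" >&2; exit 1; }
trap 'rm -rf -- "$workdir"' EXIT
ipfile="$workdir/80link.txt"
nsfile="$workdir/netstat80.txt"

# Succeeds when $1 looks like a dotted-quad IPv4 address.
is_ipv4() {
  printf '%s\n' "$1" | grep -Eq '^([0-9]{1,3}\.){3}[0-9]{1,3}$'
}

# Succeeds when allow-list entry $1 covers address $2: either an exact match
# or a prefix ending on an octet boundary ("192.168" or "192.168." covers
# 192.168.1.1). A regex/substring match would let the entry "1.2.3.4" also
# exempt 11.2.3.40.
allow_matches() {
  case "$2" in
    "$1") return 0 ;;
  esac
  case "$1" in
    *.) prefix=$1 ;;
    *)  prefix="$1." ;;
  esac
  case "$2" in
    "$prefix"*) return 0 ;;
  esac
  return 1
}

# "grep -w inet" skips inet6 lines; sed strips the "addr:" prefix that older
# ifconfig versions print.
myip=$(/sbin/ifconfig eth0 | grep -w inet | awk '{print $2}' | sed 's/addr://' | grep . | head -n 1)
if ! is_ipv4 "$myip"; then
  # Without the local address the rules below cannot be scoped; stop here.
  echo "cannot determine IPv4 address of eth0" >&2
  exit 1
fi

if [ ! -f "$ipopenfile" ]; then
  echo "Init $ipopenfile"
  touch "$ipopenfile"
fi

# The state file holds one "runtime=<epoch seconds>" line. It is parsed, not
# sourced, so nothing in it is ever executed as shell code by root.
runtime=""
if [ -f "$banip_data_file" ]; then
  runtime=$(sed -n 's/^runtime=\([0-9][0-9]*\)$/\1/p' "$banip_data_file" | head -n 1)
fi
if [ -n "$runtime" ]; then
  echo "Last Runtime= $runtime"
else
  echo "Init $banip_data_file"
  runtime=$(date '+%s')
  printf 'runtime=%s\n' "$runtime" > "$banip_data_file"
  runmin_max=-1   # force a clear on the first run
fi

# All bans go into a dedicated chain so that clearing them never touches the
# rest of the firewall policy ("iptables -F" with no chain flushes every
# chain of the filter table). The jump is appended, as the original appended
# its rules; move it earlier if accept rules for the port precede it.
# Bans that an earlier version put directly into INPUT are not removed here.
/sbin/iptables -n -L "$ban_chain" >/dev/null 2>&1 \
  || /sbin/iptables -N "$ban_chain" \
  || { echo "cannot create chain $ban_chain" >&2; exit 1; }
/sbin/iptables -C INPUT -p tcp --dport "$port" -j "$ban_chain" >/dev/null 2>&1 \
  || /sbin/iptables -A INPUT -p tcp --dport "$port" -j "$ban_chain" \
  || { echo "cannot hook chain $ban_chain into INPUT" >&2; exit 1; }

echo "Start Shell" "$(date '+%Y-%m-%d %H:%M:%S')"
now=$(date '+%s')
runmin=$((now - runtime))
if [ "$runmin" -gt "$runmin_max" ]; then
  echo "$runmin" "is bigger than" "$runmin_max"
  echo "Clear IPs"
  /sbin/iptables -F "$ban_chain"
  printf 'runtime=%s\n' "$(date '+%s')" > "$banip_data_file"
else
  echo "$runmin" "is lowwer than" "$runmin_max"
fi

# Keep only sockets whose local address is exactly $myip:$port; a plain grep
# would also match :8080 and the same text in the remote column.
netstat -an | awk -v local="$myip:$port" '$4 == local' > "$nsfile"
echo "Total Links =" "$(wc -l < "$nsfile")"
echo "Total Links established =" "$(grep -c ESTABLISHED "$nsfile")"
echo "Total Links SYNC =" "$(grep -c SYN "$nsfile")"

# Column 5 is the remote "address:port"; count connections per address.
awk '{print $5}' "$nsfile" | awk -F: '{print $1}' \
  | sort | uniq -c | sort -rn | head -n "$topn" > "$ipfile"

while read -r num ip; do
  # Skip lines that do not carry a count and an IPv4 address (IPv6 peers
  # leave the address field empty after the split on ":").
  case "$num" in
    '' | *[!0-9]*) continue ;;
  esac
  is_ipv4 "$ip" || continue

  str="$ip has linked $num"
  banme="yes"
  for allowip in $(cat "$ipopenfile"); do
    if allow_matches "$allowip" "$ip"; then
      banme="no"
      echo "$allowip" "Banme =" "$banme"
      # Lift a ban installed before the address was allow-listed; the rule
      # may not exist, so the failure is deliberately ignored.
      /sbin/iptables -D "$ban_chain" -p tcp -s "$ip" -d "$myip" \
        --dport "$port" -j REJECT >/dev/null 2>&1
      break
    fi
  done

  if [ "$banme" = "yes" ] && [ "$num" -gt "$maxnum" ]; then
    # -C tests for this exact rule; grepping the rule listing for "$ip"
    # would treat 1.2.3.40 as already covering 1.2.3.4.
    if ! /sbin/iptables -C "$ban_chain" -p tcp -s "$ip" -d "$myip" \
      --dport "$port" -j REJECT >/dev/null 2>&1; then
      echo "Deny $ip, because $str"
      if /sbin/iptables -A "$ban_chain" -p tcp -s "$ip" -d "$myip" \
        --dport "$port" -j REJECT; then
        echo "BAN" "$ip" "OK"
      else
        echo "BAN $ip failed" >&2
      fi
    fi
  fi
done < "$ipfile"

echo "Stop Shell" "$(date '+%Y-%m-%d %H:%M:%S')"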