標籤:防ddos 指令碼
#!/bin/sh
#auther RuM
#date 20140716
cc ( )
{
[ -f ignore.ip.list ] || echo "127.0.0.1" > ignore.ip.list
netstat -ntu | awk ‘{print $5}‘ | cut -d: -f4 | sort | uniq -c | sort -nr > BAD_IP_LIST
while read line; do
CURR_LINE_CONN=$(echo $line | cut -d" " -f1)
CURR_LINE_IP=$(echo $line | cut -d" " -f2)
iptables -L -n |grep -i $CURR_LINE_IP >>/dev/null
if [ $? = 0 ];then
break
else
if [ $CURR_LINE_CONN -lt 100 ]; then
break
else
IGNORE_BAN=`grep -c "$CURR_LINE_IP" ignore.ip.list` >>/dev/null
if [ $IGNORE_BAN -ge 1 ]; then
continue
else
iptables -I INPUT -s $CURR_LINE_IP -j DROP >> /dev/null
fi
fi
fi
done < BAD_IP_LIST
}
while true;do
cc
sleep 1
done
1 ignore.ip.list 可以添加白名單
2 $CURR_LINE_CONN -lt 100 這個100按自己需求去定義這裡預設是寫了100個並發串連就拒絕了
最後指令碼在後台執行就迴圈了
本文出自 “信不信由你” 部落格,請務必保留此出處http://312461613.blog.51cto.com/965442/1439774
Start building with 50+ products and up to 12 months usage for Elastic Compute Service
1 on 1 presale consultation
24/7 Technical Support 6 Free Tickets per Quarter Faster Response
Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.
A comprehensive suite of global cloud computing services to power your business
Payment Methods We Support
