自动分析黑名单及白名单的iptables脚本
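#!/bin/bash
# Reject TCP/80 from every address listed in /root/block.txt (one IPv4 address
# or CIDR prefix per line; blank lines and '#' comments are ignored), then
# persist the ruleset.  Must run as root.
set -euo pipefail

readonly BLOCK_LIST=/root/block.txt
# Plausible IPv4 address with an optional prefix length; anything else in the
# list is almost certainly a typo and must not reach iptables.
readonly IPV4_RE='^[0-9]{1,3}(\.[0-9]{1,3}){3}(/[0-9]{1,2})?$'

if [[ ! -r "$BLOCK_LIST" ]]; then
  printf 'cannot read %s\n' "$BLOCK_LIST" >&2
  exit 1
fi

# Read the file directly.  The original both piped `cat` into the loop and
# redirected the file onto `done`; the redirect wins, so the cat was dead code.
# `|| [[ -n "$block" ]]` still handles a last line without a trailing newline.
while IFS= read -r block || [[ -n "$block" ]]; do
  if [[ -z "$block" || "$block" == \#* ]]; then
    continue
  fi
  if [[ ! "$block" =~ $IPV4_RE ]]; then
    printf 'skipping malformed entry: %s\n' "$block" >&2
    continue
  fi
  # -C tests whether an identical rule is already present, so re-running the
  # script does not keep appending duplicates to INPUT.
  if ! iptables -C INPUT -p tcp -m tcp -s "$block" --dport 80 -j REJECT 2>/dev/null; then
    iptables -A INPUT -p tcp -m tcp -s "$block" --dport 80 -j REJECT
  fi
done < "$BLOCK_LIST"

# Persist once after all rules are in place; the original ran both commands on
# every iteration, dumping the whole table to stdout each time.
# iptables-save only prints the rules: redirect its output to the rules file
# your distribution loads at boot if that is how persistence works here.
iptables-save
# NOTE(review): /etc/rc.d/init.d/iptables-save is not a standard path; the
# RHEL/CentOS init script is invoked as `/etc/rc.d/init.d/iptables save`.
# Confirm which one exists on this host.
/etc/rc.d/init.d/iptables-save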
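#!/bin/bash
# Find remote addresses with more than $THRESHOLD TCP connections to local
# port 80, write "count ip" pairs to /root/black.txt, print each offender and
# DROP it unless the address is listed (exact line match) in /root/white.txt.
# Must run as root.
set -euo pipefail

readonly BLACK_LIST=/root/black.txt
readonly WHITE_LIST=/root/white.txt
readonly THRESHOLD=50
readonly IPV4_RE='^[0-9]{1,3}(\.[0-9]{1,3}){3}$'

# netstat -an columns: Proto Recv-Q Send-Q Local-Address Foreign-Address State.
# Keep TCP rows whose *local* address ends in :80 (the original grepped ':80'
# anywhere on the line, which also matched :800, :8080 and remote ports and
# was not limited to TCP), skip the listening socket and loopback peers, strip
# the remote port, count per address and keep those above the threshold.
# Counting is done in one awk pass instead of sort | uniq -c | awk.
netstat -an \
  | awk -v limit="$THRESHOLD" '
      $1 ~ /^tcp/ && $4 ~ /:80$/ && $6 != "LISTEN" {
        ip = $5
        sub(/:[0-9]+$/, "", ip)     # strip the remote port
        sub(/^::ffff:/, "", ip)     # IPv4-mapped IPv6 -> plain IPv4
        if (ip != "127.0.0.1") seen[ip]++
      }
      END { for (ip in seen) if (seen[ip] > limit) print seen[ip], ip }
    ' > "$BLACK_LIST"

# Read count and address together; the original re-grepped the address in
# black.txt with unescaped dots, so 10.0.0.1 also matched 10.0.0.15 and
# 110.0.0.1 and produced a multi-line COUNT that broke the -gt test.
while read -r count ip; do
  [[ -n "$ip" ]] || continue
  # Literal whole-line match (-xF): with `grep $i` a whitelist entry also
  # exempted every address that merely contained it as a substring.
  if [[ -r "$WHITE_LIST" ]] && grep -qxF -- "$ip" "$WHITE_LIST"; then
    continue
  fi
  printf '%s %s\n' "$count" "$ip"
  # iptables only accepts IPv4 sources; an IPv6 peer would abort the run
  # under set -e (it would need ip6tables).
  if [[ ! "$ip" =~ $IPV4_RE ]]; then
    printf 'skipping non-IPv4 address: %s\n' "$ip" >&2
    continue
  fi
  # As in the original, this drops ALL TCP from the address (not only port 80)
  # and -I inserts it at the top of INPUT.  -C avoids a duplicate rule on rerun.
  if ! iptables -C INPUT -p tcp -s "$ip" -j DROP 2>/dev/null; then
    iptables -I INPUT -p tcp -s "$ip" -j DROP
  fi
done < "$BLACK_LIST"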
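#!/bin/bash
# Reject TCP/80 from every address listed in /root/block.txt (one IPv4 address
# or CIDR prefix per line; blank lines and '#' comments are ignored), then
# persist the ruleset.  Must run as root.
set -euo pipefail

readonly BLOCK_LIST=/root/block.txt
# Plausible IPv4 address with an optional prefix length; anything else in the
# list is almost certainly a typo and must not reach iptables.
readonly IPV4_RE='^[0-9]{1,3}(\.[0-9]{1,3}){3}(/[0-9]{1,2})?$'

if [[ ! -r "$BLOCK_LIST" ]]; then
  printf 'cannot read %s\n' "$BLOCK_LIST" >&2
  exit 1
fi

# Read the file directly.  The original both piped `cat` into the loop and
# redirected the file onto `done`; the redirect wins, so the cat was dead code.
# `|| [[ -n "$block" ]]` still handles a last line without a trailing newline.
while IFS= read -r block || [[ -n "$block" ]]; do
  if [[ -z "$block" || "$block" == \#* ]]; then
    continue
  fi
  if [[ ! "$block" =~ $IPV4_RE ]]; then
    printf 'skipping malformed entry: %s\n' "$block" >&2
    continue
  fi
  # -C tests whether an identical rule is already present, so re-running the
  # script does not keep appending duplicates to INPUT.
  if ! iptables -C INPUT -p tcp -m tcp -s "$block" --dport 80 -j REJECT 2>/dev/null; then
    iptables -A INPUT -p tcp -m tcp -s "$block" --dport 80 -j REJECT
  fi
done < "$BLOCK_LIST"

# Persist once after all rules are in place; the original ran both commands on
# every iteration, dumping the whole table to stdout each time.
# iptables-save only prints the rules: redirect its output to the rules file
# your distribution loads at boot if that is how persistence works here.
iptables-save
# NOTE(review): /etc/rc.d/init.d/iptables-save is not a standard path; the
# RHEL/CentOS init script is invoked as `/etc/rc.d/init.d/iptables save`.
# Confirm which one exists on this host.
/etc/rc.d/init.d/iptables-save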
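#!/bin/bash
# Find remote addresses with more than $THRESHOLD TCP connections to local
# port 80, write "count ip" pairs to /root/black.txt, print each offender and
# DROP it unless the address is listed (exact line match) in /root/white.txt.
# Must run as root.
set -euo pipefail

readonly BLACK_LIST=/root/black.txt
readonly WHITE_LIST=/root/white.txt
readonly THRESHOLD=50
readonly IPV4_RE='^[0-9]{1,3}(\.[0-9]{1,3}){3}$'

# netstat -an columns: Proto Recv-Q Send-Q Local-Address Foreign-Address State.
# Keep TCP rows whose *local* address ends in :80 (the original grepped ':80'
# anywhere on the line, which also matched :800, :8080 and remote ports and
# was not limited to TCP), skip the listening socket and loopback peers, strip
# the remote port, count per address and keep those above the threshold.
# Counting is done in one awk pass instead of sort | uniq -c | awk.
netstat -an \
  | awk -v limit="$THRESHOLD" '
      $1 ~ /^tcp/ && $4 ~ /:80$/ && $6 != "LISTEN" {
        ip = $5
        sub(/:[0-9]+$/, "", ip)     # strip the remote port
        sub(/^::ffff:/, "", ip)     # IPv4-mapped IPv6 -> plain IPv4
        if (ip != "127.0.0.1") seen[ip]++
      }
      END { for (ip in seen) if (seen[ip] > limit) print seen[ip], ip }
    ' > "$BLACK_LIST"

# Read count and address together; the original re-grepped the address in
# black.txt with unescaped dots, so 10.0.0.1 also matched 10.0.0.15 and
# 110.0.0.1 and produced a multi-line COUNT that broke the -gt test.
while read -r count ip; do
  [[ -n "$ip" ]] || continue
  # Literal whole-line match (-xF): with `grep $i` a whitelist entry also
  # exempted every address that merely contained it as a substring.
  if [[ -r "$WHITE_LIST" ]] && grep -qxF -- "$ip" "$WHITE_LIST"; then
    continue
  fi
  printf '%s %s\n' "$count" "$ip"
  # iptables only accepts IPv4 sources; an IPv6 peer would abort the run
  # under set -e (it would need ip6tables).
  if [[ ! "$ip" =~ $IPV4_RE ]]; then
    printf 'skipping non-IPv4 address: %s\n' "$ip" >&2
    continue
  fi
  # As in the original, this drops ALL TCP from the address (not only port 80)
  # and -I inserts it at the top of INPUT.  -C avoids a duplicate rule on rerun.
  if ! iptables -C INPUT -p tcp -s "$ip" -j DROP 2>/dev/null; then
    iptables -I INPUT -p tcp -s "$ip" -j DROP
  fi
done < "$BLACK_LIST"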