cc () {
IGNORE_IP_LIST="/shell/list" #白名单
iptables -L -n |awk '{print $4}' |grep -v '0.0.0.0' |grep -v '[A-Z]'|grep -v '[a-z]'|grep -v '^$' > /tmp/ip.txt
IP="/tmp/ip.txt"
list=`netstat -an |grep ^tcp.*:80|egrep -v 'LISTEN|127.0.0.1'|awk -F"[ ]+|[:]" '{print $6}'|sort|uniq -c|sort -rn|awk '{if ($1>100){print $2}}'`
for i in $list
do
grep "$i" $IGNORE_IP_LIST >/dev/null #判断IP是不是已经在白名单里面是的话退出
if [ $? = 0 ]
then
echo "no" >/dev/null
else
grep "$i" $IP >/dev/null #判断IP是不是已经在iptables里面是的话退出
if [ $? = 0 ]
then
echo "no" >/dev/null
else
iptables -I INPUT -s $i -j DROP >> /var/log/ip_list.log
mail -s "$i is killed " 123456@163.com
fi
fi
done
while [ true ];
do
/bin/sleep 1
cc
done
原文链接:https://blog.csdn.net/qq_14997169/article/details/52811386?ops_request_misc=%257B%2522request%255Fid%2522%253A%2522169114730816800227497644%2522%252C%2522scm%2522%253A%252220140713.130102334.pc%255Fblog.%2522%257D&request_id=169114730816800227497644&biz_id=0&utm_medium=distribute.pc_search_result.none-task-blog-2~blog~first_rank_ecpm_v1~times_rank-15-52811386-null-null.268%5Ev1%5Ekoosearch&utm_term=cc%E9%98%B2%E6%8A%A4
原创文章,作者:优速盾-小U,如若转载,请注明出处:https://www.cdnb.net/bbs/archives/21600
