
44. 脚本:防 DDoS 攻击

6.7 防 DDoS 攻击脚本

# Tally requests per client: take field 1 of every access-log line, drop
# blanks, and let sort | uniq -c emit one "COUNT VALUE" row per distinct value.
# Assumes the log format puts the client address first (confirm log_format).
awk '{print $1}' /var/log/nginx/access.log | grep -v '^$' | sort | uniq -c

脚本:每小时统计一次日志中各 IP 的请求数,对请求数超过 500 且尚未封禁的 IP 用 iptables 添加 DROP 规则。

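#!/bin/bash
#
# Hourly auto-ban: tally requests per client address in an access log and
# insert an iptables DROP rule for every address above THRESHOLD.
#
# Usage: <script> ACCESS_LOG      (needs root to manage iptables)
#
# Operational caveats for anyone deploying this:
#   - Each pass counts the WHOLE file, not the last hour, so the effective
#     threshold depends on how often the log is rotated.
#   - There is no allowlist and rules never expire. Behind a reverse proxy,
#     CDN or NAT the first log field can be shared by many users; confirm
#     what it contains before enabling the script.
#   - Only IPv4 addresses are handled; anything else in field 1 is skipped.

readonly THRESHOLD=500
readonly INTERVAL=3600
# Defaults to the original /tmp location. /tmp is world-writable, and this
# script runs as root and appends to a predictable file name there; point
# DROP_LOG_DIR at a root-owned directory (e.g. under /var/log) in production.
readonly DROP_LOG_DIR=${DROP_LOG_DIR:-/tmp}
# Shape check only; iptables itself rejects out-of-range octets.
readonly IPV4_RE='^([0-9]{1,3}\.){3}[0-9]{1,3}$'

file=${1:-}
if [[ -z "$file" ]]; then
    # Without a file argument awk would block forever reading stdin.
    printf 'Usage: %s ACCESS_LOG\n' "${0##*/}" >&2
    exit 2
fi

while true; do
    if [[ -r "$file" ]]; then
        # The tally is streamed via process substitution, so no fixed-name
        # scratch file in /tmp is needed and the script's stdin is untouched.
        while read -r count ip _; do
            [[ "$count" =~ ^[0-9]+$ ]] || continue
            (( 10#$count > THRESHOLD )) || continue

            # Field 1 comes from a log file: only pass it to iptables once it
            # looks like an address (also stops a leading '-' being an option).
            [[ "$ip" =~ $IPV4_RE ]] || continue

            # -C tests for this exact rule. Grepping `iptables -L -n` treated
            # the address as a regex substring, so 1.2.3.4 also "matched"
            # 11.2.3.45 and a new offender could be left unblocked.
            # stderr is silenced because -C complains when the rule is absent.
            if iptables -C INPUT -s "$ip" -j DROP 2>/dev/null; then
                continue
            fi

            # Log only after the rule is really in place, and append (>>) so
            # earlier entries of the same day are not overwritten.
            if iptables -I INPUT -s "$ip" -j DROP; then
                printf '%s %s is dropped\n' "$count" "$ip" \
                    >>"${DROP_LOG_DIR}/drop_list_$(date +%F).log"
            fi
        done < <(awk 'NF {print $1}' <"$file" | sort | uniq -c)
    else
        # The log may be missing briefly during rotation; try again next pass.
        printf 'warning: cannot read %s; retrying in %ss\n' "$file" "$INTERVAL" >&2
    fi
    sleep "$INTERVAL"
done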

最后更新: 2022-02-19 13:59:07