44. 脚本:防 DDoS 攻击
6.7 防 DDoS 攻击脚本
# Count requests per source address: the first field of each access-log line
# (the client address in nginx's default log format). Blank lines are skipped.
awk 'NF {print $1}' /var/log/nginx/access.log | sort | uniq -c
脚本(每小时统计一次访问日志中各来源 IP 的请求数,对超过 500 次且尚未出现在 iptables 规则中的 IP 执行 DROP):
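#!/bin/bash
# Block source addresses that appear more than 500 times in an nginx access log.
#
# Usage: <this-script> /path/to/access.log   (needs root: it edits iptables)
# Env:   DROP_LOG_DIR - directory for the daily drop list. Defaults to /tmp to
#        stay compatible with the original; a root-only directory is safer,
#        because a root process appending to a predictable name in a
#        world-writable directory can be redirected through a planted symlink.
#
# Caveats for operators:
#  - Counts cover the whole log file, not the last hour, so a long-lived log
#    will eventually push ordinary clients over the threshold. Pair this with
#    log rotation or count a recent window only.
#  - The first log field is the real client only when nginx logs $remote_addr
#    first and is not behind a proxy, CDN or NAT; otherwise this blocks the
#    proxy or a shared address.
#  - There is no allow-list and no expiry: rules stay until removed by hand.
#  - Per-address blocking from logs only helps against a few noisy sources;
#    it does not absorb a distributed or volumetric attack.

file=${1:?usage: $0 <nginx-access-log>}
readonly threshold=500
readonly drop_log_dir=${DROP_LOG_DIR:-/tmp}
# Only well-formed IPv4 literals are handed to iptables. The log is untrusted
# input, and iptables (unlike ip6tables) cannot match IPv6 sources.
readonly ipv4_re='^([0-9]{1,3}\.){3}[0-9]{1,3}$'

# Private, unpredictable scratch file instead of a fixed name in /tmp.
counts_file=$(mktemp) || { echo "mktemp failed" >&2; exit 1; }
trap 'rm -f -- "$counts_file"' EXIT
trap 'exit 1' HUP INT TERM

while true; do
  # One "count address" line per distinct first field; blank lines skipped.
  if ! awk 'NF {print $1}' "$file" | sort | uniq -c >"$counts_file"; then
    echo "warning: could not summarise $file" >&2
  fi

  # Redirect into the loop rather than 'exec <', which would replace the
  # script's stdin for the rest of its life.
  while read -r count ip _; do
    [[ $count =~ ^[0-9]+$ && $ip =~ $ipv4_re ]] || continue
    (( count > threshold )) || continue

    # -C tests for this exact rule. Grepping 'iptables -L -n' output matched
    # substrings (1.2.3.4 inside 11.2.3.40) and treated '.' as a wildcard,
    # so some addresses were wrongly considered already blocked.
    # stderr is silenced because "no such rule" is the expected answer here.
    if ! iptables -C INPUT -s "$ip" -j DROP 2>/dev/null; then
      if iptables -I INPUT -s "$ip" -j DROP; then
        # Append: '>' kept only the most recent entry of the day.
        printf '%s %s is dropped\n' "$count" "$ip" \
          >>"${drop_log_dir}/drop_list_$(date +%F).log"
      else
        echo "warning: failed to add DROP rule for $ip" >&2
      fi
    fi
  done <"$counts_file"

  sleep 3600
done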
最后更新:
2022-02-19 13:59:07