ec保驾护航 可自动停掉大量连接ip的脚本,适用 Linux

2016-07-07 15:14 来源:www.chinab4c.com 作者:ecshop专家

##############################################
#version="20100718"
#author="phpsir"
#author_email="733905@qq.com"
##############################################
maxnum=100
runmin_max=120
#runmin_max is run iptables -F timeout
banip_data_file="/root/banip_data.txt"
ipopenfile="/root/openip.txt"
ipfile="/tmp/80link.txt"
nsfile="/tmp/netstat80.txt"


myip=`/sbin/ifconfig eth0 | grep inet | awk '{print $2}' | sed 's/addr://' | grep .`
if [ ! -f $ipopenfile ]
then
echo "init $ipopenfile"
touch $ipopenfile
fi
if [ -f $banip_data_file ]
then
source $banip_data_file
echo"last runtime=$runtime"
else
echo "init $banip_data_file"
echo 'runtime='`date "+%s"` > $banip_data_file
source $banip_data_file
runmin_max=-1
fi

echo "start shell" `date "+%Y-%m-%d %H:%M:%S"`
runmin=$((`date "+%s"`-$runtime))
if [ $runmin -gt $runmin_max ]
then
echo $runmin "is bigger than " $runmin_max
echo "clear ips"
/sbin/iptables -F
echo 'runtime='`date "+%s"` > $banip_data_file
else
echo $runmin "is lowwer than " $runmin_max
fi





netstat -an | grep "$myip:80" > $nsfile

echo "Total Links = " `cat $nsfile | wc -l `
echo "Total Links ESTABLISHED = " `cat $nsfile | grep ESTABLISHED | wc -l `
echo "Total Links SYNC = " `cat $nsfile | grep SYN | wc -l `


cat $nsfile | awk '{print $5}' | awk -F: '{print $1}' | sort|uniq -c|sort -rn | head -n 10 >$ipfile

cat $ipfile| while read oneline
do
ip=`echo $oneline | cut -d " " -f 2`
num=`echo $oneline | cut -d " " -f 1`
str="$ip has linked$num "
banme="yes"

for allowip in `cat $ipopenfile`
do
echo $ip | grep $allowip > /dev/null
if [ $? -eq 0 ]
then
banme="no"
echo $allowip "banme = " $banme
/sbin/iptables -DINPUT-p tcp -s $ip-d $myip--dport 80 -j REJECT> /dev/null2>&1
continue
fi
done

if [ $banme = "yes" ]
then
if [ $num -gt "$maxnum" ]
then
/sbin/iptables -L -n | grep "$ip" >/dev/null
status=`echo $?`
if [ $status -eq 1 ]
then
echo "deny$ip ,because $str "
/sbin/iptables -AINPUT-p tcp -s $ip-d $myip--dport 80 -j REJECT
echo "BAN " $ip " OK "
#/sbin/iptables -L -n | grep "$ip"
else
echo > /dev/null
#echo "$stralread reject"
fi
else
echo > /dev/null
#echo "$str$ip ok ,less$maxnum "
fi
fi

done


echo "stop shell" `date "+%Y-%m-%d %H:%M:%S"`

回答:
防CC的东东?

是的。。。。。。。。。。。。。

谢谢楼主分享

根据ip links 使用iptables ban ip