#!/bin/sh
rm -rf ./tmp
netstat -nap|
awk '{if ($6=="ESTABLISHED") print $5}'|sort|awk 'BEGIN{FS=":"} {print $1}'|awk 'BEGIN{w3=0;} {w2=$1;if(NR==1){w1=w2;n
ext};if(w1==w2) {w3=w3+1} else {if(w3>;10) {print w1;};w1=w2;w3=0}}'>;tmp
for i in $(cat ./tmp)
do
/sbin/iptables -A INPUT -s $i -j DROP
echo "The $i is disable at `date`">;>;/var/log/ddos
done
把这个程序加入到cron中(我是每三分钟运行一次)。
再touch /var/log/ddos.
转自:
阅读(1256) | 评论(1) | 转发(0) |
