Shell防DDOS攻击原理

Posted 2020-07-15 李兴利

    #!/bin/sh
	#date:2015-12-13
	#filename:fang-DOS.sh 
	#version:v1.0
	while true
	do
	    #awk ‘{print $1}‘ access_2015-12-15.log|grep -v "^$"|sort|uniq -c >/tmp/tmp.log
	    netstat -an|grep EST|awk -F ‘[ :]+‘ ‘{print $6}‘|sort|uniq -c >/tmp/tmp.log 
	    exec </tmp/tmp.log
	    while read line
	    do
	        ip=`echo $line|awk ‘{print $2}‘`
	        count=`echo $line|awk ‘{print $1}‘`
	        if [ $count -gt 3 ] && [ `iptables -L -n|grep "$ip"|wc -l` -lt 1 ]
	          then 
	              iptables -I INPUT -s $ip -j DROP
	              echo "$line is dropped" >>/tmp/droplist.log
	        fi
	    done
	       sleep 5 
	 done

　　更多内容请访问 李兴利博客