黑帽联盟
标题:
shell防ddos攻击脚本
[打印本页]
作者:
定位
时间:
2017-3-20 21:40
标题:
shell防ddos攻击脚本
最近服务器经常受到攻击,并且还大多数是晚上,实在是受不了晚上起来处理,直接从网上搜了个写得不错的shell封ddos脚本,这个脚本是老外写的,我觉得效果还不错,发给大家看看吧.
系统:centos 5.9 64位
脚本内容:
vi ipdrop.sh
#!/bin/bash
#Collecting list of ip addresses connected to port 80
netstat -plan|grep :80|awk {'print $5'}|cut -d: -f 1|sort|uniq -c|sort -nk 1 > /root/iplist
#Limit the no of connections
LIMIT=100;
for ip in `cat /root/iplist |awk '{print $2}'`;do
if [ `grep $ip /root/iplist | awk '{print $1}'` -gt $LIMIT ]
then
echo "100 connection from $ip... `grep $ip /root/iplist | awk '{print $1}'` number of connections... Blocking $ip";
#Blocking the ip ...
/etc/rc.d/init.d/iptables save > /dev/null;
CHECK_IF_LOCALIP=0;
/sbin/ifconfig | grep $ip > /dev/null;
if [ $? -ne $CHECK_IF_LOCALIP ]
then
{
FLAG=0;
grep $ip /etc/sysconfig/iptables | grep DROP > /dev/null;
if [ $? -ne $FLAG ]
then
iptables -I INPUT -s $ip -j DROP;
else
echo " Ipaddress $ip is already blocked ";
fi
}
else
echo " Sorry, the ip $ip cannot be blocked since this is a local ip of the server ";
fi
fi
done
复制代码
欢迎光临 黑帽联盟 (https://bbs.cnblackhat.com/)
Powered by Discuz! X2.5