1.屏蔽每分钟访问超过200的IP
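#!/bin/bash
# Block clients that exceed THRESHOLD requests to the web server within the
# current minute by inserting an iptables DROP rule for TCP port 80.
#
# Only the last 2000 lines of the access log are inspected, so on a very busy
# server the per-minute counts can be undercounted.
# NOTE(review): rules added here are never removed by this script; confirm
# that management/monitoring addresses cannot trip the threshold.

LOG=/var/log/httpd/access_log
# Overridable from the environment; 200 requests per minute is the limit this
# script is described as enforcing.
THRESHOLD=${THRESHOLD:-200}
# Access-log timestamps use English month abbreviations, so force the C locale
# instead of relying on the caller's environment.
DATE=$(LC_ALL=C date +%d/%b/%Y:%H:%M)
readonly IPV4_RE='^([0-9]{1,3}\.){3}[0-9]{1,3}$'

if ! [[ $THRESHOLD =~ ^[0-9]+$ ]]; then
  printf 'THRESHOLD must be a non-negative integer: %s\n' "$THRESHOLD" >&2
  exit 2
fi

# Private temp file instead of a fixed name in the current directory: iptables
# needs root, and a predictable path in a shared directory could be
# pre-created (e.g. as a symlink) by another user.
deny_ip=$(mktemp) || exit 1
trap 'rm -f -- "$deny_ip"' EXIT

# Count requests per client (first log field) for the current minute and keep
# only the clients above the threshold.
tail -n 2000 -- "$LOG" \
  | grep -F -- "$DATE" \
  | awk -v limit="$THRESHOLD" \
      '{ ++IP[$1] } END { for (k in IP) if (IP[k] > limit) print k }' \
  > "$deny_ip"

while IFS= read -r ip; do
  # The first log field can be a hostname, an IPv6 address or "-" depending on
  # the server configuration; only hand a well-formed IPv4 address to iptables.
  [[ $ip =~ $IPV4_RE ]] || continue

  # -C tests for an identical rule, which avoids parsing "iptables -L" output
  # and the substring/regex false matches of an unanchored grep.
  # stderr is silenced on purpose: -C reports a missing rule as an error.
  if ! iptables -C INPUT -p tcp --dport 80 -s "$ip" -j DROP 2>/dev/null; then
    iptables -I INPUT -p tcp --dport 80 -s "$ip" -j DROP
  fi
done < "$deny_ip"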
2.拒绝ssh暴力破解
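#!/bin/bash
# Block hosts with more than THRESHOLD failed logins reported by lastb by
# inserting an iptables DROP rule for TCP port 22.
#
# lastb is read without any time filter, so counts cover everything it
# currently reports, not a recent window.
# NOTE(review): rules added here are never removed by this script; confirm
# that administrators' own addresses cannot be locked out by a few typos.

# Overridable from the environment; defaults to the original limit of 3.
THRESHOLD=${THRESHOLD:-3}
readonly IPV4_RE='^([0-9]{1,3}\.){3}[0-9]{1,3}$'

if ! [[ $THRESHOLD =~ ^[0-9]+$ ]]; then
  printf 'THRESHOLD must be a non-negative integer: %s\n' "$THRESHOLD" >&2
  exit 2
fi

# Private temp file instead of a fixed name in the current directory: iptables
# needs root, and a predictable path in a shared directory could be
# pre-created (e.g. as a symlink) by another user.
deny_ip=$(mktemp) || exit 1
trap 'rm -f -- "$deny_ip"' EXIT

# Drop the "btmp begins ..." trailer and blank lines, then count failed
# attempts per value of the third column.
lastb \
  | grep -Ev '^btmp|^$' \
  | awk -v limit="$THRESHOLD" \
      '{ ++IP[$3] } END { for (k in IP) if (IP[k] > limit) print k }' \
  > "$deny_ip"

while IFS= read -r ip; do
  # The third lastb column is not always an address (it can be a hostname or,
  # for local logins, part of the date); only hand a well-formed IPv4 address
  # to iptables.
  [[ $ip =~ $IPV4_RE ]] || continue

  # -C tests for an identical rule; the previous unanchored grep treated the
  # address as a regex, so 1.2.3.4 also matched an existing 11.2.3.45 rule and
  # the new address was silently left unblocked.
  # stderr is silenced on purpose: -C reports a missing rule as an error.
  if ! iptables -C INPUT -p tcp --dport 22 -s "$ip" -j DROP 2>/dev/null; then
    iptables -I INPUT -p tcp --dport 22 -s "$ip" -j DROP
  fi
done < "$deny_ip"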