IDC资讯中心 #!/bin/bash cpu=`sar-u11|awk{print$7}|tail-1` #################################### functionmake_clr{ } echo>/tmp/tmp11.txt ###################################### echo”<b>IfthetotalIPs>2500<fontcolor=\”#ff0000\”>(total$wcat$date)</font>ANDif:</b>”>/var/www/html/wwy/drop/index.html ##################################### make_clr #——————————- #####################################
#
#—————————————————————————————
#Scripname:killip,baseonip_conntrack,writebywwy.
#—————————————————————————————
#
while[“`pidofsleep`”];do
echo”sheisrunning,sorry”
exit1
done
if[!”`lsmod|grepip_conntrack`”];then
modprobeip_conntrack
fi
##———————-functions—————————–##
####################################
whilereadclr33;do
cat/tmp/tmp111.txt|grep$clr33>>/tmp/tmp33-3-clr.txt
done</tmp/tmp33-3.txt
whilereadclr22;do
cat/tmp/tmp111.txt|grep$clr22>>/tmp/tmp33-2-clr.txt
done</tmp/tmp33-2.txt
whilereadclr11;do
cat/tmp/tmp111.txt|grep$clr11>>/tmp/tmp33-1-clr.txt
done</tmp/tmp33-1.txt
}
functionclr_conns{
S_IP=$1
D_IP=$2
S_PORT=$3
D_PORT=$4
hping2$D_IP-R-s$S_PORT-p$D_PORT-a$S_IP-k-c1>/dev/null2>/dev/null&
}
functionkill(){
SLEEP_TIME=$1
CLR_LIST=$2
BLACK_LIST=$3
whilereadblackip;do
iptables-IFORWARD2-ieth0-s$blackip/32-jDROP
done<$BLACK_LIST
sleep$SLEEP_TIME
#———————————–#
whilereadclr3;do
clr_conns$clr3
done<$CLR_LIST
#———————————–#
sleep1
whilereadreblackip;do
iptables-DFORWARD-ieth0-s$reblackip/32-jDROP
done<$BLACK_LIST
#####################################
##—————Tomakea”blacklist”———————-##
#####################################
echo>/tmp/tmp111.txt
echo>/tmp/ip_conntrack.tmp
echo>/tmp/tmp33-3-clr.txt
echo>/tmp/tmp33-2-clr.txt
echo>/tmp/tmp33-1-clr.txt
echo>/tmp/tmp22-3.txt
echo>/tmp/tmp22-2.txt
echo>/tmp/tmp22-1.txt
echo>/tmp/tmp33-3.txt
echo>/tmp/tmp33-2.txt
echo>/tmp/tmp33-1.txt
if[!-e/var/www/html/wwy/index.html];then
mkdir/var/www/html/wwy/
mkdir/var/www/html/wwy/all
mkdir/var/www/html/wwy/drop
5B
touch/var/www/html/wwy/index.html
fi
#—————————————————————————-#
echo-e”cp/proc/net/ip_conntrack/tmp/ip_conntrack.tmp……\c”
cp/proc/net/ip_conntrack/tmp/ip_conntrack.tmp
echo-e”done!\n”
sleep1
#—————————————————————————-#
wc=`cat/tmp/ip_conntrack.tmp|grepESTABLISHED|awk-F={print$2,$3,$4,$5}|grep^172.|sort|awk{print$1,$3,$5,$7}|tee/tmp/tmp111.txt|awk{print$1}|uniq-c|tee/tmp/tmp11.txt|wc-l`
date=`date m/dH:M`
cpu2=`sar-u11|awk{print$7}|tail-1`
date2=`date H`
#—————————————————————————-#
sleep1
#—————————————————————————-#
#if[“$wc”-gt2500]&&[“$date2”-gt10]
if[“$wc”-ge0]
then
#——————————
awk{$1}{if($1>30&&$1<50)print$2}/tmp/tmp11.txt>/tmp/tmp22-1.txt
awk{$1}{if($1>=50&&$1<100)print$2}/tmp/tmp11.txt>/tmp/tmp22-2.txt
awk{$1}{if($1>=100)print$2}/tmp/tmp11.txt>/tmp/tmp22-3.txt
cut-c1-15/tmp/tmp22-1.txt>/tmp/tmp33-1.txt
cut-c1-15/tmp/tmp22-2.txt>/tmp/tmp33-2.txt
cut-c1-15/tmp/tmp22-3.txt>/tmp/tmp33-3.txt
wcblackip1=`cat/tmp/tmp33-1.txt|wc-l`
wcblackip2=`cat/tmp/tmp33-2.txt|wc-l`
wcblackip3=`cat/tmp/tmp33-3.txt|wc-l`
##—————-Tomakeaindex.html———————–##
######################################
echo”<p>youconnect<b>\”>100\”</b>,youipwillbekilledin<b>30min</b>.</p>”>>/var/www/html/wwy/drop/index.html
echo”<p>youconnect<b>\”50-100\”</b>,youipwillbekilledin<b>15min</b>.</p>”>>/var/www/html/wwy/drop/index.html
echo”<p>youconnect<b>\”30-50\”</b>,youipwillbekilledin<b>10min</b>.</p>”>>/var/www/html/wwy/drop/index.html
echo”<hrcolor=\”#ff8000\”>”>>/var/www/html/wwy/drop/index.html
echo”<p><b><fontcolor=\”#ff0000\”>TheseIPs(total$wcblackip3 $wcblackip2 $wcblackip1)werekilled,at<fontsize=5>$date</font></font><ahref=../all>(look-upallIPs)</a></b></p>”>>/var/www/html/wwy/drop/index.html
awk{$1}{if($1>=100)print$1,$2}/tmp/tmp11.txt|sort-nr|awk{print”<p>””<fontcolor=\”#ff0000\”>”$1″</font>””\t”,”<b>”$2″</b>””\t””kill30min””</p>”}>>/var/www/html/wwy/drop/index.html
awk{$1}{if($1>=50&&$1<100)print$1,$2}/tmp/tmp11.txt|sort-nr|awk{print”<p>”$1″\t”,”<b>”$2″</b>””\t””kill15min””</p>”}>>/var/www/html/wwy/drop/index.html
awk{$1}{if($1>30&&$1<50)print$1,$2}/tmp/tmp11.txt|sort-nr|awk{print”<p>”$1″\t”,”<b>”$2″</b>””\t””kill10min””</p>”}>>/var/www/html/wwy/drop/index.html
echo”<p><b>Youcan\”ctrl F\”tofindyouripsconnects.(total$wcIPsat$date)</b></p>”>/var/www/html/wwy/all/index.html
echo”<p><ahref=../drop><–back</a></p>”>>/var/www/html/wwy/all/index.html
cat/tmp/tmp11.txt|sort-nr|awk{print”<p>”$1″\t”,$2″\t””</p>”}>>/var/www/html/wwy/all/index.html
##—————–UseiptablestoDROP———————##
#####################################
if[-s/tmp/tmp33-3.txt];then
kill30m/tmp/tmp33-3-clr.txt/tmp/tmp33-3.txt&
sleep1s
fi
if[-s/tmp/tmp33-2.txt];then
kill15m/tmp/tmp33-2-clr.txt/tmp/tmp33-2.txt&
sleep1s
fi
if[-s/tmp/tmp33-1.txt];then
kill10m/tmp/tmp33-1-clr.txt/tmp/tmp33-1.txt&
sleep1s
fi
elif[“$date2”-lt5]&&[“$date2”-gt3]
then
whilereadclrall;do
clr_conns$clrall
done</tmp/tmp111.txt
echo”clrat$date”>>/tmp/killip/tmp.log.txt
fi
##——————-makesystemlog————————##
#####################################
if[!-e/tmp/killip/tmp.log.txt];then
mkdir/tmp/killip
touch/tmp/killip/tmp.log.txt
fi
echo”$wc$date$cpu$cpu2$wcblackip3 $wcblackip2 $wcblackip1″>>/tmp/killip/tmp.log.txt
利用ip_conntrack表实现封ip的shell脚本,并有简单的web发布_shell教程
版权申明:本站文章部分自网络,如有侵权,请联系:west999com@outlook.com 特别注意:本站所有转载文章言论不代表本站观点! 本站所提供的图片等素材,版权归原作者所有,如需使用,请与原作者联系。未经允许不得转载:IDC资讯中心 » 利用ip_conntrack表实现封ip的shell脚本,并有简单的web发布_shell教程
