Idea: the script mainly relies on awk, sort, uniq and an if structure.
#!/bin/bash
# Path to the log file whose first field is the client IP
FilePath=""

# Count requests per source IP, one "<count> <ip>" per line, busiest first
awk '{print $1}' "$FilePath" | sort | uniq -c | sort -rn > ip_count.log

# Read the count file line by line
while read -r count ip
do
    echo "$count $ip"
    if [ "$count" -gt 20 ]
    then
        # Check whether the IP is already in iptables
        # (-n skips DNS lookups; -wF matches the address literally and as a whole word)
        if iptables -nL INPUT | grep -qwF -- "$ip"
        then
            echo "The IP address already exists in iptables, not added"
        else
            echo "Adding IP address to iptables"
            iptables -A INPUT -s "$ip" -j DROP && echo "$ip" >> ip_drop.log
            # Save and restart iptables so that the rule takes effect
            /etc//iptables save &> /dev/null
            /etc//iptables restart &> /dev/null
        fi
    else
        echo "Threshold not reached, not added to iptables"
    fi
done < ip_count.log
Finally, we can add the script to a scheduled task (crontab) so that it runs regularly and offending IP addresses are added dynamically.
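Because a cron job acts on whatever the log contains, it helps to separate "which addresses qualify" from the iptables call and test that step offline. The following is an added example, not part of the original script, and goes beyond it by validating the field as IPv4 and skipping an allowlist; `offenders` and `sample_log` are hypothetical names and the log lines are constructed.

```bash
# Added example: pick the source IPs to block, without calling iptables.
# offenders LOGFILE THRESHOLD [ALLOWED_IP...]  (hypothetical helper)
# Prints "<count> <ip>" for each IPv4 source seen more than THRESHOLD times.
offenders() {
    local log="$1" threshold="$2"
    shift 2
    awk -v threshold="$threshold" -v allow="$*" '
        BEGIN {
            n = split(allow, a, " ")
            for (i = 1; i <= n; i++) allowed[a[i]] = 1
        }
        # Accept only a strict dotted quad, so a malformed log field
        # never reaches the iptables command line
        function is_ipv4(s,   p, k) {
            if (s !~ /^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+$/) return 0
            split(s, p, ".")
            for (k = 1; k <= 4; k++)
                if (length(p[k]) > 3 || p[k] + 0 > 255) return 0
            return 1
        }
        is_ipv4($1) && !($1 in allowed) { hits[$1]++ }
        END {
            for (ip in hits)
                if (hits[ip] > threshold) print hits[ip], ip
        }
    ' "$log" | sort -rn
}

# Constructed sample log using documentation address ranges
sample_log() {
    local f i
    f=$(mktemp)
    for i in $(seq 1 25); do echo '203.0.113.7 - - "GET / HTTP/1.1" 200'; done >> "$f"
    for i in $(seq 1 30); do echo '198.51.100.9 - - "GET /health HTTP/1.1" 200'; done >> "$f"
    for i in $(seq 1 3);  do echo '192.0.2.10 - - "GET /a HTTP/1.1" 200'; done >> "$f"
    for i in $(seq 1 40); do echo 'unknown - - "GET / HTTP/1.1" 200'; done >> "$f"
    echo "$f"
}

log=$(sample_log)
offenders "$log" 20 198.51.100.9     # the allowlisted monitoring host is skipped
rm -f "$log"
```

The second column of the output can be fed to the `while read -r count ip` loop in place of `ip_count.log`.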
The above shows how to use a shell script to deal with DDoS attacks.