封超过100个连接的IP防DDOS

#!/bin/sh
/bin/netstat -an|grep ESTABLISHED|awk ‘{print $5}’|awk -F: ‘{print $1}’|sort|uniq -c|sort -rn|grep -v -E ‘172.10|127.0′|awk ‘{if ($2!=null && $1>100) {print $2}}’>/tmp/ddosip
for i in $(cat /tmp/ddosip)
do
/sbin/iptables -I INPUT  -p tcp -m tcp -s $i –dport 80 –syn -j REJECT
done

2 thoughts on “封超过100个连接的IP防DDOS”

林刚

不知道会不会将百度、Google等蜘蛛也给屏蔽了？
- 2011-09-03 at 20:44
- Reply
- 叶茂盛
  
  它们爬到网站上应该不会这么多并发
  - 2011-09-22 at 16:53
  - Reply

Leave a Reply Cancel reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.