封超过100个连接的IP防DDOS

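#!/bin/sh
# Reject new HTTP (tcp/80) connections from any remote IPv4 address that holds
# more than THRESHOLD established TCP connections to this host.
#
# Changes from the listing as published:
#   * Typographic quotes and en-dashes (an artefact of the blog rendering) are
#     replaced by real quotes and "--", so the pipeline parses at all.
#   * No intermediate file: the original wrote the offender list to the fixed
#     path /tmp/ddosip as root, which a local user can pre-create as a symlink.
#   * The allowlist is anchored to the start of the address. The unanchored
#     pattern "172.10|127.0" also matched inside other addresses and against
#     the count column, silently exempting unrelated hosts.
#   * Each address is checked to be a dotted quad before it reaches iptables.
#   * An identical rule is not inserted again on a later run.
#
# Operational notes: one address may front many users (NAT, proxies), so pick
# THRESHOLD with that in mind. Rules added here are never removed and do not
# survive a reboot; expiry and persistence have to be handled elsewhere.
set -u

THRESHOLD=100

/bin/netstat -an |
  awk -v limit="$THRESHOLD" '
    # Linux netstat columns: proto recv-q send-q local foreign state
    $1 ~ /^tcp/ && $6 == "ESTABLISHED" {
      addr = $5
      sub(/:[0-9]+$/, "", addr)                       # drop the remote port
      # IPv6 and IPv4-mapped peers are skipped, as in the original pipeline.
      if (addr !~ /^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+$/) next
      # Allowlisted prefixes kept from the original script.
      # NOTE(review): 172.10. lies outside the RFC 1918 block 172.16.0.0/12;
      # confirm this prefix is the one intended.
      if (addr ~ /^(172\.10|127\.0)\./) next
      count[addr]++
    }
    END {
      for (a in count)
        if (count[a] > limit) print a
    }
  ' |
  while IFS= read -r ip; do
    # -C tests for an existing identical rule, so repeated runs (for example
    # from cron) do not stack duplicates in the INPUT chain.
    /sbin/iptables -C INPUT -p tcp -m tcp -s "$ip" --dport 80 --syn -j REJECT 2>/dev/null ||
      /sbin/iptables -I INPUT -p tcp -m tcp -s "$ip" --dport 80 --syn -j REJECT
  done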
