Adding a blacklist with ipset + iptables

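#!/bin/bash
# Create the blacklist set if it does not exist, otherwise empty it
ipset list | grep blacklist
if [ $? == 1 ]; then
    ipset create blacklist hash:ip
else
    ipset flush blacklist
fi
# Load every address listed in filter.txt into the set
for i in `cat filter.txt`
do
    {
        ipset add blacklist "$i"
    }
done
iptables -nvL | grep blacklist
if [ $? == 1 ]; then
    iptables -I INPUT -…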

Blocking IPs with abnormal connections using ipset + iptables

If the same IP's abnormal connections exceed a certain value, add that IP to the blacklist and release it after 180 s.

#!/bin/bash
ipset create blacklist hash:ip timeout 180
iplist=`netstat -ntu | awk '{print $5}' | cut -d':' -f1 | sort | uniq -c | sed 'N;$d;P;D' | awk '{if($1>30)print $2}'`
for ip in $iplist
do
    # iptables -I IN…
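
The per-IP counting step described above, as a dry-run added example (not the original post's code). It selects rows by the protocol column instead of trimming headers with sed, and strips only the trailing port, because cut -d':' -f1 truncates IPv6 and IPv4-mapped peers. The sample netstat lines, addresses and function names are constructed for illustration.

```shell
#!/bin/sh
# Added example: count remote peers in `netstat -ntu` text and print the
# ipset commands for those above a limit. Dry-run: prints, never executes.

# Constructed sample input (documentation address ranges, not real traffic).
sample_netstat() {
    echo 'Active Internet connections (w/o servers)'
    echo 'Proto Recv-Q Send-Q Local Address           Foreign Address         State'
    i=0
    while [ "$i" -lt 35 ]; do
        echo "tcp        0      0 192.0.2.10:80           203.0.113.7:$((40000 + i))       ESTABLISHED"
        i=$((i + 1))
    done
    i=0
    while [ "$i" -lt 31 ]; do
        echo "tcp6       0      0 ::ffff:192.0.2.10:80    ::ffff:198.51.100.9:$((50000 + i)) ESTABLISHED"
        i=$((i + 1))
    done
    echo 'tcp        0      0 192.0.2.10:22           203.0.113.50:51000      ESTABLISHED'
    echo 'tcp6       0      0 2001:db8::10:443        2001:db8::99:41000      ESTABLISHED'
}

# over_threshold LIMIT: read netstat -ntu text on stdin and print each
# remote IP that has more than LIMIT connections.
over_threshold() {
    awk -v limit="$1" '
        $1 ~ /^(tcp|udp)/ {             # skip the header lines by protocol
            addr = $5
            sub(/:[0-9*]+$/, "", addr)  # strip only the trailing :port
            sub(/^::ffff:/, "", addr)   # unwrap IPv4-mapped IPv6 peers
            count[addr]++
        }
        END { for (a in count) if (count[a] > limit) print a }
    ' | sort
}

# block_cmds LIMIT TIMEOUT: print the ipset commands that would be run.
block_cmds() {
    echo "ipset create blacklist hash:ip timeout $2 -exist"
    over_threshold "$1" | while read -r ip; do
        case "$ip" in
            *:*) ;;   # hash:ip defaults to family inet; IPv6 needs its own set
            *) echo "ipset add blacklist $ip timeout $2 -exist" ;;
        esac
    done
}

sample_netstat | block_cmds 30 180
```

To act on a live host, feed `netstat -ntu` into `over_threshold` and review the printed commands before running them as root.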