自动添加黑名单iptables脚本

#/bin/bash
netstat -an| grep :80 | grep -v 127.0.0.1 |awk '{ print $5 }' | sort|awk -F: '{print $1,$4}' | uniq -c | awk '$1 >50 {print $1,$2}' > /root/denyip
for i in `awk '{print $2}' /root/denyip`
do
COUNT=`grep $i /root/denyip | awk '{print \$1}'`
DEFINE="50"
ZERO="0"
if [ $COUNT -gt $DEFINE ];
then
#白名单　可能没用　
#grep $i /root/white.txt > /dev/null
　　if [ $? -gt $ZERO ];
　　　then
　　　echo "$COUNT $i"
　　iptables -I INPUT -p tcp -s $i -j DROP
　　fi
fi
done
#命令监控时:
netstat -an| grep :25 | grep -v 127.0.0.1 |awk '{ print $5 }' | sort|awk -F: '{print $1}' | uniq -c | awk '$1 >100'
[root@localhost evan]# cat deny.sh
#/bin/bash
#test for friend on 20170719pm
netstat -an| grep :80 | grep -v 127.0.0.1 |awk '{ print $5 }' | sort|awk -F: '{print $1,$4}' | uniq -c | awk '$1 >5 {print $1,$2}' > /root/denyip
file0=`date +%s`
cp /root/denyip /root/denyip${file0}
for i in `awk '{print $2}' /root/denyip`
do
COUNT=`grep $i /root/denyip | awk '{print \$1}'`
DEFINE="5"
ZERO="0"
if [ $COUNT -gt $DEFINE ];
then
iptables -I INPUT -p tcp -s $i -j DROP
fi
done