[root@gateway1 denyip]# more 24wwwip.sh
#!/bin/bash
#/root/shell/denyip/wwwip.sh|cut -d: -f1|uniq|cut -d. -f1-3|uniq -c|more
/root/shell/denyip/wwwip.sh|cut -d: -f1|uniq|cut -d. -f1-2|uniq -c|sort -nr|more
[root@gateway1 denyip]# more denyip.sh
#!/bin/bash
PATH=/sbin:$PATH
logfile=/var/log/denyip.log
date +%Y-%m-%d' '%H:%M:%S' ' >> $logfile
uptime|sed s/^.*average:[[:blank:]]/'average load: '/ >> $logfile
enableDenyCheck=`uptime | awk '{print $10}' | cut -d',' -f1 | awk '{print ($1 > 3)?"1":"0";}'`;
if [ "$enableDenyCheck" -eq "0" ]; then
echo '' >> $logfile
exit 0;
fi
/root/shell/denyip/countwwwip.sh|grep -v -f /root/shell/denyip/notdenyip.cfg > /tmp/ip.tmp
grep -v ^' ' /tmp/ip.tmp > /tmp/ip.txt
grep ^....' '[5-9] /tmp/ip.tmp >> /tmp/ip.txt
if
grep . /tmp/ip.txt >/dev/null
then
#cat /tmp/ip.tmp >> /var/www/html/log/denyip.txt
#sed s/^.*[[:blank:]]/'iptables -I INPUT -p tcp --dport 80 -j DROP -s '/ /tmp/ip.txt | /bin/bash
#·?ip
sed s/^.*[[:blank:]]/'iptables -I INPUT -p tcp --dport 80 --syn -j DROP -s '/ /tmp/ip.txt | /bin/bash
sed s/^.*[[:blank:]]/'iptables -I INPUT -p tcp --dport 80 --syn -m limit --limit 5\/m -j ACCEPT -s '/ /tmp/ip.txt | /bin/bash
#???????
fname=/root/shell/denyip/denyip/"ip"`date +%Y%m%d%H%M%S`
sed s/^.*[[:blank:]]/'iptables -D INPUT -p tcp --dport 80 --syn -j DROP -s '/ /tmp/ip.txt >$fname
sed s/^.*[[:blank:]]/'iptables -D INPUT -p tcp --dport 80 --syn -m limit --limit 5\/m -j ACCEPT -s '/ /tmp/ip.txt >>$fname
echo '*****************************' >> $logfile
sed s/^.*[[:blank:]]/'Denying IP '/ /tmp/ip.txt >>$logfile
#iptables-save > /etc/sysconfig/iptables
fi
echo '' >> $logfile
#?С???
for fname in `find /root/shell/denyip/denyip/ -type f -mmin +60`
do
chmod u+x $fname
cat $fname| /bin/bash &>/dev/null
rm -f $fname
done
