遮蔽刷postfix IP的指令碼
阿新 • • 發佈:2018-12-19
#!/bin/bash LOGFILE="/var/log/maillog" #統計maillog中authentication failure的IP個數與IP grep "authentication failure" $LOGFILE|awk '{print $7}'|grep -E -o "[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+"|sort|uniq -c > af_iplist.txt #取出AF出現大於300次時的IP awk '$1>300 {print $2}' af_iplist.txt > block_ip_list.txt #大於300次AF的IP新增到iptables中 cat block_ip_list.txt|while read line do /sbin/iptables -nL | grep $line if [ $? != 0 ] then iptables -I INPUT -s $line -j DROP fi done
--------------------- 作者:BecanDiao 來源:CSDN 原文:https://blog.csdn.net/github_38816863/article/details/72614694 版權宣告:本文為博主原創文章,轉載請附上博文連結!