安装ipset
yum install ipset #创建ip地址集合 ipset create bansms hash:net
查找访问了“getVerificationCode”并且次数大于10次的ip
cat /usr/local/nginx/logs/access.log | grep getVerificationCode | awk '{print $1}' | sort | uniq -c | sort -n -k 1 -r |awk '{if ($1>10) print $2}'
将IP添加到集合
ipset add bansms IP地址
添加到防火墙策略
iptables -I INPUT -m set --match-set bansms src -j DROP
service iptables save
service iptables stop
service iptables start
本文转自秋楓博客园博客,原文链接:http://www.cnblogs.com/rwxwsblog/p/5382215.html,如需转载请自行联系原作者
