#!/bin/bash
netstat -ano | grep tcp | awk -F" " '{print $5}' | awk -F":" '{print $1}' | sort -t " " -k 1 | uniq -c | grep -vE "127.0.0.1|0.0.0.0" > ipfw.txt
sed -i "/^$/d" ipfw.txt
cat ipfw.txt
ipfw=(`cat ipfw.txt | awk -F" " '{print $2}'`) ; echo $ipfw
NR=$(cat ipfw.txt | wc -l); echo $NR
zdyljs=1000 ; echo "访问限制tcp连接数;$zdyljs"
echo "tcp连接数管控执行中,,,,, `date` " >> /root/jinzhiip.txt
for((i=0;i<$NR;i++))
do
ljs=`cat ipfw.txt | grep ${ipfw[$i]} | awk -F" " '{print $1}'` ; echo "${ipfw[$i]} 连接数为: $ljs"
if [ $ljs -gt $zdyljs ]
then
firewall-cmd --permanent --add-rich-rule="rule family="ipv4" source address="${ipfw[$i]}" port protocol="tcp" port="80" reject"
firewall-cmd --permanent --add-rich-rule="rule family="ipv4" source address="${ipfw[$i]}" port protocol="tcp" port="443" reject"
firewall-cmd --reload
echo "${ipfw[$i]} 连接数为: $ljs 超过法制:$zdyljs 连接数,被禁止访问" >> /root/jinzhiip.txt
echo "${ipfw[$i]} 连接数为: $ljs 超过法制:$zdyjks 连接数,被禁止访问 并且计入日志文件:/root/jinzhiip.txt"
echo "------------------------------------"
fi
done
echo "*/1 * * * * root /root/1.sh" >> /etc/crontab
