#!/bin/bash
#
#---------------------------------------------------------------------------------------
# Script name: killip, based on ip_conntrack, written by wwy.
#---------------------------------------------------------------------------------------
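# CPU sample taken before the run: field 7 of the last line printed by
# `sar -u 1 1`. It is only written to the run log at the end of the script.
# NOTE(review): which sar column field 7 is depends on the sysstat version -
# confirm it is the figure you expect.
cpu=$(sar -u 1 1 | awk '{print $7}' | tail -1)
#
# Single-instance guard: a previous run keeps a `sleep` alive while its
# temporary DROP rules are in place, so any running sleep aborts this run.
# NOTE(review): this also triggers on unrelated sleep processes anywhere on
# the host; a lock file taken with flock(1) would be a more precise guard.
if [ -n "$(pidof sleep)" ]; then
  echo "she is running, sorry"
  exit 1
fi
# The connection table read later comes from the ip_conntrack module, so load
# it when lsmod does not list it.
if ! lsmod | grep -q ip_conntrack; then
  modprobe ip_conntrack
fi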
####################################
##----------------------functions-----------------------------##
####################################
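#######################################
# Build the per-tier connection lists used to clear connections of blocked
# hosts. For every address in /tmp/tmp33-N.txt (N = 3, 2, 1) the matching
# lines of /tmp/tmp111.txt are appended to /tmp/tmp33-N-clr.txt.
# Globals:   none
# Arguments: none
# Outputs:   appends to /tmp/tmp33-3-clr.txt, /tmp/tmp33-2-clr.txt and
#            /tmp/tmp33-1-clr.txt
# Returns:   0
#
# NOTE(review): all paths are fixed names in world-writable /tmp and the
# script runs privileged; a private directory from `mktemp -d` would stop
# other local users from pre-creating or editing these files.
#######################################
make_clr() {
  local tier ip
  for tier in 3 2 1; do
    while IFS= read -r ip || [[ -n "$ip" ]]; do
      # An empty pattern would match every connection line.
      [[ -n "$ip" ]] || continue
      # -F: the address is a literal, not a regex (dots must not match any
      # character). -w: whole-token match, so 172.16.1.1 does not also select
      # 172.16.1.10. `--` keeps a value starting with '-' from being read as
      # a grep option.
      grep -wF -- "$ip" /tmp/tmp111.txt >> "/tmp/tmp33-${tier}-clr.txt"
    done < "/tmp/tmp33-${tier}.txt"
  done
  return 0
}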
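#######################################
# Clear one tracked connection of a blocked host by sending a single reset
# for it with hping2, in the background and with all output discarded.
# Globals:   none
# Arguments: $1 - source IPv4 address of the connection
#            $2 - destination IPv4 address
#            $3 - source port
#            $4 - destination port
# Returns:   1 when an argument is not a dotted-quad address / numeric port
#            (nothing is sent); otherwise 0 once hping2 has been started.
#######################################
clr_conns() {
  local s_ip=$1 d_ip=$2 s_port=$3 d_port=$4
  local ipv4_re='^([0-9]{1,3}\.){3}[0-9]{1,3}$'
  local port_re='^[0-9]{1,5}$'

  # The arguments come from list files under /tmp. Reject anything that is
  # not plainly an address or a port so a blank or edited line cannot reach
  # hping2 as extra options.
  [[ "$s_ip" =~ $ipv4_re && "$d_ip" =~ $ipv4_re ]] || return 1
  [[ "$s_port" =~ $port_re && "$d_port" =~ $port_re ]] || return 1

  hping2 "$d_ip" -R -s "$s_port" -p "$d_port" -a "$s_ip" -k -c 1 >/dev/null 2>&1 &
}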
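#######################################
# Temporarily block a list of hosts: insert one DROP rule per address into
# FORWARD (position 2, interface eth0), wait, clear the listed connections,
# then delete the same rules again.
# Globals:   none
# Arguments: $1 - how long the block lasts, in sleep(1) syntax (e.g. 30m)
#            $2 - file of "src dst sport dport" lines handed to clr_conns
#            $3 - file with one IPv4 address per line to block
# Outputs:   a warning on stderr for every blacklist line that is skipped
# Returns:   status of the last iptables delete (0 when nothing was blocked)
#
# NOTE(review): this function shadows the shell builtin `kill` for the rest
# of the script; use `builtin kill` if a signal ever has to be sent.
#######################################
kill() {
  local sleep_time=$1 clr_list=$2 black_list=$3
  local ipv4_re='^([0-9]{1,3}\.){3}[0-9]{1,3}$'
  local -a blocked=()
  local ip s_ip d_ip s_port d_port _rest

  # Read the blacklist once. The list lives under /tmp and could change while
  # this function sleeps; deleting from a snapshot guarantees that exactly the
  # rules inserted here are removed. Only plain dotted-quad entries are kept,
  # so a blank or edited line cannot inject extra iptables arguments.
  while IFS= read -r ip || [[ -n "$ip" ]]; do
    if [[ "$ip" =~ $ipv4_re ]]; then
      blocked+=("$ip")
    elif [[ -n "$ip" ]]; then
      printf 'killip: skipping invalid blacklist entry: %s\n' "$ip" >&2
    fi
  done < "$black_list"

  for ip in "${blocked[@]}"; do
    iptables -I FORWARD 2 -i eth0 -s "$ip/32" -j DROP
  done

  sleep "$sleep_time"
  #-----------------------------------#
  while read -r s_ip d_ip s_port d_port _rest; do
    [[ -n "$s_ip" ]] || continue   # skip blank lines
    clr_conns "$s_ip" "$d_ip" "$s_port" "$d_port"
  done < "$clr_list"
  #-----------------------------------#
  sleep 1

  for ip in "${blocked[@]}"; do
    iptables -D FORWARD -i eth0 -s "$ip/32" -j DROP
  done
}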
#####################################
##--------------- To make a "blacklist" ----------------------##
#####################################
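# Start every run from empty scratch files. They are truncated with `: >`
# rather than `echo >`, which would leave a blank first line that later ends
# up in the append-only *-clr lists.
# NOTE(review): these are fixed names in world-writable /tmp and the script
# runs privileged, so the redirections follow a symlink planted by another
# local user, and the lists can be edited between steps. A private directory
# from `mktemp -d` would remove both problems.
for scratch in \
  tmp11.txt tmp111.txt ip_conntrack.tmp \
  tmp33-3-clr.txt tmp33-2-clr.txt tmp33-1-clr.txt \
  tmp22-3.txt tmp22-2.txt tmp22-1.txt \
  tmp33-3.txt tmp33-2.txt tmp33-1.txt; do
  : > "/tmp/${scratch}"
done

# First run: create the web directories that hold the report pages.
if [ ! -e /var/www/html/wwy/index.html ]; then
  # -p: do not fail when some of the directories already exist.
  mkdir -p /var/www/html/wwy/all /var/www/html/wwy/drop
  touch /var/www/html/wwy/index.html
fi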
#----------------------------------------------------------------------------#
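# Work on a snapshot of the connection-tracking table so that every later
# step sees the same data.
printf '%s' "cp /proc/net/ip_conntrack /tmp/ip_conntrack.tmp ......"
if ! cp /proc/net/ip_conntrack /tmp/ip_conntrack.tmp; then
  # Without a snapshot the counts below would all be zero and the report
  # pages would be overwritten with empty data.
  printf '\nkillip: cannot read /proc/net/ip_conntrack\n' >&2
  exit 1
fi
printf 'done!\n\n'
sleep 1
#----------------------------------------------------------------------------#
# From the ESTABLISHED entries whose first address starts with "172.":
#   /tmp/tmp111.txt - one line per connection, built from the first four
#                     key=value pairs of the entry (src dst sport dport)
#   /tmp/tmp11.txt  - `uniq -c` output: connection count, then address
#   wc              - number of distinct addresses
# The dot is escaped so that only a literal "172." prefix matches.
wc=$(grep ESTABLISHED /tmp/ip_conntrack.tmp \
  | awk -F= '{print $2, $3, $4, $5}' \
  | grep '^172\.' \
  | sort \
  | awk '{print $1, $3, $5, $7}' \
  | tee /tmp/tmp111.txt \
  | awk '{print $1}' \
  | uniq -c \
  | tee /tmp/tmp11.txt \
  | wc -l)
date=$(date '+%m/%d %H:%M')   # timestamp shown on the pages and in the log
cpu2=$(sar -u 1 1 | awk '{print $7}' | tail -1)   # second CPU sample, logged next to $cpu
date2=$(date '+%H')           # hour of day, used by the time-based branch below
#----------------------------------------------------------------------------#
sleep 1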
#----------------------------------------------------------------------------#
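# NOTE(review): "$wc" -ge 0 holds on every run, so blocking is always applied
# and the elif branch below is never reached. The disabled condition on the
# next line matches the "total IPs > 2500" text written to the report page;
# confirm which threshold is intended.
#if [ "$wc" -gt 2500 ] && [ "$date2" -gt 10 ]
if [ "$wc" -ge 0 ]; then
  #------------------------------
  # Sort addresses into three tiers by connection count (column 1 of
  # /tmp/tmp11.txt): tier 1 is 31-49, tier 2 is 50-99, tier 3 is 100 or more.
  awk '$1 > 30 && $1 < 50 {print $2}' /tmp/tmp11.txt > /tmp/tmp22-1.txt
  awk '$1 >= 50 && $1 < 100 {print $2}' /tmp/tmp11.txt > /tmp/tmp22-2.txt
  awk '$1 >= 100 {print $2}' /tmp/tmp11.txt > /tmp/tmp22-3.txt
  # Keep at most 15 characters per line, the longest dotted-quad address.
  cut -c 1-15 /tmp/tmp22-1.txt > /tmp/tmp33-1.txt
  cut -c 1-15 /tmp/tmp22-2.txt > /tmp/tmp33-2.txt
  cut -c 1-15 /tmp/tmp22-3.txt > /tmp/tmp33-3.txt
  wcblackip1=$(wc -l < /tmp/tmp33-1.txt)
  wcblackip2=$(wc -l < /tmp/tmp33-2.txt)
  wcblackip3=$(wc -l < /tmp/tmp33-3.txt)
  ######################################
  ##---------------- To make a index.html -----------------------##
  ######################################
  # NOTE(review): the rows below are copied from /tmp/tmp11.txt into pages
  # under the web root without HTML escaping. The values are expected to be
  # counts and addresses, but the file sits in world-writable /tmp.
  drop_page=/var/www/html/wwy/drop/index.html
  all_page=/var/www/html/wwy/all/index.html
  {
    echo "<b>If the total IPs > 2500 <font color=\"#ff0000\">(total $wc at $date)</font> AND if:</b>"
    echo "<p>you connect <b>\">100\"</b>, you ip will be killed in <b>30min</b>.</p>"
    echo "<p>you connect <b>\"50-100\"</b>, you ip will be killed in <b>15min</b>.</p>"
    echo "<p>you connect <b>\"30-50\"</b>, you ip will be killed in <b>10min</b>.</p>"
    echo "<hr color=\"#ff8000\">"
    echo "<p><b><font color=\"#ff0000\">These IPs (total $wcblackip3+$wcblackip2+$wcblackip1) were killed, at <font size=5>$date</font></font><a href=../all>(look-up all IPs)</a></b></p>"
    awk '$1 >= 100 {print $1, $2}' /tmp/tmp11.txt | sort -nr \
      | awk '{printf "<p><font color=\"#ff0000\">%s</font>\t <b>%s</b>\tkill 30min</p>\n", $1, $2}'
    awk '$1 >= 50 && $1 < 100 {print $1, $2}' /tmp/tmp11.txt | sort -nr \
      | awk '{printf "<p>%s\t <b>%s</b>\tkill 15min</p>\n", $1, $2}'
    awk '$1 > 30 && $1 < 50 {print $1, $2}' /tmp/tmp11.txt | sort -nr \
      | awk '{printf "<p>%s\t <b>%s</b>\tkill 10min</p>\n", $1, $2}'
  } > "$drop_page"
  {
    echo "<p><b>You can \"ctrl+F\" to find your ip's connects.(total $wc IPs at $date)</b></p>"
    echo "<p><a href=../drop><--back</a></p>"
    sort -nr /tmp/tmp11.txt | awk '{printf "<p>%s\t %s\t</p>\n", $1, $2}'
  } > "$all_page"
  #####################################
  ##----------------- Use iptables to DROP ---------------------##
  #####################################
  make_clr
  # One background job per non-empty tier; the block durations match the
  # notice written to the page above (30, 15 and 10 minutes).
  if [ -s /tmp/tmp33-3.txt ]; then
    kill 30m /tmp/tmp33-3-clr.txt /tmp/tmp33-3.txt &
    sleep 1s
  fi
  if [ -s /tmp/tmp33-2.txt ]; then
    kill 15m /tmp/tmp33-2-clr.txt /tmp/tmp33-2.txt &
    sleep 1s
  fi
  if [ -s /tmp/tmp33-1.txt ]; then
    kill 10m /tmp/tmp33-1-clr.txt /tmp/tmp33-1.txt &
    sleep 1s
  fi
  #-------------------------------
elif [ "$date2" -lt 5 ] && [ "$date2" -gt 3 ]; then
  # Hour 04 only: clear every connection recorded in /tmp/tmp111.txt.
  while read -r s_ip d_ip s_port d_port _rest; do
    [ -n "$s_ip" ] || continue   # skip blank lines
    clr_conns "$s_ip" "$d_ip" "$s_port" "$d_port"
  done < /tmp/tmp111.txt
  # The log directory is otherwise only created at the end of the script, so
  # on a first run this append would fail without the mkdir.
  mkdir -p /tmp/killip
  echo "clr at $date" >> /tmp/killip/tmp.log.txt
fi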
#####################################
##------------------- make system log ------------------------##
#####################################
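# Append one line per run: address count, timestamp, both CPU samples and the
# three tier sizes (100 or more, 50-99, 31-49 connections).
# NOTE(review): the log lives in a predictable directory under world-writable
# /tmp and is appended to by a privileged script; a root-owned location such
# as a directory under /var/log would keep other local users from
# pre-creating it.
if [ ! -e /tmp/killip/tmp.log.txt ]; then
  # -p: the directory may already exist even when the file does not.
  mkdir -p /tmp/killip
  touch /tmp/killip/tmp.log.txt
fi
echo "$wc $date $cpu $cpu2 $wcblackip3+$wcblackip2+$wcblackip1" >> /tmp/killip/tmp.log.txt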
