shell脚本查找tcp过多ip地址封掉

#!/bin/bash

#hc 
source /etc/profile

iplist=`netstat -ntu | awk '{print $5}'| cut -d':' -f1| sort |uniq -c | sed 'N;$d;P;D' | awk '{if($1>100)print $2}'`
for ip in $iplist
do
iptables -I INPUT -s $ip -j DROP
echo "$ip is drop!"
done

 

####定时任务 

crontab -e

*/5 * * * * /bin/bash /service/script/netstatip.sh