检测ip是否通过

#!/bin/bash
netstat -an |grep "ESTABLISHED" |awk '{print $4}' |awk -F ':' '{print $1}' |sort |uniq >> dropip
for ip in `cat dropip`
do
if [[ $ip =~ "192" ]] || [[ $ip =~ "127" ]];then
echo "pass"
else
echo "$ip"
cmd=`iptables -I INPUT -p tcp -s $ip -j DROP`
$cmd
echo "$cmd" >> /var/log/ddos
fi
done

posted @ 2019-11-06 14:15  liyf023  阅读(123)  评论(0编辑  收藏  举报