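# Per-minute nginx rate limiter: counts requests per client in the access log
# and appends "deny <ip>;" lines to an nginx server block for heavy hitters.
# Requires bash ([[ ]], here-strings) and GNU sed (-i, one-line "a\text").
#
# NOTE(review): assumes the log layout the field numbers below rely on
# ($1 = client address, $7 = request path, $9 = response status), which
# matches nginx's default "combined" format - confirm against log_format.
# If $1 is taken from a client-supplied header rather than the connection
# address, clients can put arbitrary text there; valid_client_addr below
# keeps such text out of the nginx configuration.

# Date stamp (YYMMDD) used for the daily log name and the config marker.
date=$(date +"%y%m%d")
# Access log that is processed and then emptied on every run.
data="/data/logs/abc.com/access.log"
# nginx configuration file that receives the deny rules.
conf="/usr/local/nginx/conf/selfconf/abc.conf"
# nginx binary used for the configuration test and the reload.
nginx_bin="/usr/local/nginx/sbin/nginx"
# Request paths to watch, separated by spaces; "null" watches every path.
url='/pub/send/yzm/'
# Whitelisted clients: a "|"-separated list of extended regular expressions,
# each matched against the WHOLE client field (write dots as \. for an
# exact address).
Whitelist="1.1.1.1|2.2.2.2"
# Response statuses that are not counted, "|"-separated.
error_num="403|503"
# A client is denied once it exceeds this many counted requests.
maxnum=100

#######################################
# Print the clients in a log file that exceeded $maxnum counted requests.
# The whitelist and the status filter are compared against their own fields
# instead of the whole line, so text in client-controlled fields (URL,
# referer, user agent) cannot make a request look whitelisted or uncounted.
# Globals:   Whitelist, error_num, maxnum (read)
# Arguments: $1 - log file, $2 - request path to watch, or "null" for all
# Outputs:   one client address per line, highest octets first
#######################################
list_offenders() {
  local log=$1 target=$2
  # Patterns travel through the environment because awk -v would process
  # backslash escapes and silently turn "\." into ".".
  BAN_WHITELIST="$Whitelist" BAN_SKIP_STATUS="$error_num" BAN_TARGET="$target" \
    awk -v max="$maxnum" '
      BEGIN {
        allow  = "^(" ENVIRON["BAN_WHITELIST"] ")$"
        skip   = "^(" ENVIRON["BAN_SKIP_STATUS"] ")$"
        target = ENVIRON["BAN_TARGET"]
      }
      target != "null" && $7 != target { next }
      $1 ~ allow || $9 ~ skip          { next }
      { hits[$1]++ }
      END { for (ip in hits) if (hits[ip] > max + 0) print ip }
    ' "$log" \
    | sort -t'.' -k1,1nr -k2,2nr -k3,3nr -k4,4nr
}

#######################################
# Succeed only for text that looks like an IPv4 or IPv6 address. Anything
# else (";", "}", backslashes, spaces ...) must never be written into a sed
# script or an nginx configuration file.
# Arguments: $1 - candidate client address
#######################################
valid_client_addr() {
  [[ $1 =~ ^([0-9]{1,3}\.){3}[0-9]{1,3}$ ]] && return 0
  [[ $1 == *:* && $1 =~ ^[0-9A-Fa-f:.]+$ ]]
}

# Only do work when the log has content.
if [ -s "$data" ]; then
  # Append this minute's entries to the daily log.
  # NOTE(review): requests logged between this copy and the truncation at
  # the end are neither archived nor counted; closing that gap needs a
  # rename-and-reopen rotation.
  cat -- "$data" >> "$data$date"

  conf_backup=$(mktemp) || exit 1
  trap 'rm -f -- "$conf_backup"' EXIT

  # $url is deliberately unquoted: it is a space-separated list.
  for aurl in $url; do
    deny=$(list_offenders "$data" "$aurl")
    [[ -n $deny ]] || continue

    # Keep the last known-good configuration so a bad edit can be undone.
    cp -- "$conf" "$conf_backup" || exit 1
    added=0
    while IFS= read -r adeny; do
      if ! valid_client_addr "$adeny"; then
        printf 'skipping malformed client field: %q\n' "$adeny" >&2
        continue
      fi
      # Do not pile up duplicate rules for a client that is already denied.
      if grep -qF -- "deny $adeny;" "$conf"; then
        continue
      fi
      sed -i "/server {/a\deny $adeny;" "$conf"
      added=1
    done <<< "$deny"
    (( added )) || continue

    # Marker recording which path triggered the rules and on which day.
    sed -i "/server {/a\\\n#$aurl $date" "$conf"

    # Reload only a configuration that passes nginx's own syntax test;
    # otherwise put the previous file back so a later restart cannot fail.
    if "$nginx_bin" -t -q; then
      "$nginx_bin" -s reload
    else
      cat -- "$conf_backup" > "$conf"
      printf 'nginx -t rejected %s; previous contents restored\n' "$conf" >&2
    fi
  done

  # Truncate to zero bytes. Writing an empty line (echo '') would leave one
  # byte behind and make the -s check above succeed on every run.
  : > "$data"
fi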