centos6.5 iptables结合ipset批量屏蔽ip

安装ipset

yum install ipset
#创建ip地址集合
ipset create bansms hash:net

查找访问了“getVerificationCode”并且次数大于10次的ip

cat /usr/local/nginx/logs/access.log | grep getVerificationCode | awk '{print $1}' | sort | uniq -c | sort -n -k 1 -r |awk '{if ($1>10) print $2}'

将IP添加到集合

ipset add bansms IP地址

添加到防火墙策略

iptables -I INPUT -m set --match-set bansms src -j DROP
service iptables save
service iptables stop
service iptables start

参考资料：

https://intxt.net/block-ip-with-ipset/

https://linux.cn/article-4904-1.html