iptables block ssh attempt 適用於RedHat,Fedora
#容忍值可以調高一點(粗體字)
#! /bin/bash
VAL=`grep Failed /var/log/secure | awk '{print $(NF-3)}' |cut -d: -f4 | sort | uniq -c |awk '{print $1"="$2}'`
for i in $VAL
do
NUM=`echo $i|awk -F= '{print $1}'`
IP=`echo $i|awk -F= '{print $2}'`
if [ $NUM -gt 5 ] && [ -z "`iptables -vnL INPUT|grep $IP`" ]
then
iptables -I INPUT -p tcp -s $IP -j REJECT --reject-with tcp-reset
echo "platinum log: `date` $IP($NUM)" >> /var/log/val.log
fi
done
iptables block ssh attempt 適用於Debian
#容忍值可以調高一點(粗體字)
#!/bin/bash
VAL=`grep Illegal /var/log/auth.log | awk '{print $10}' | sort | uniq -c | awk '{print $1"="$2}'`
for i in $VAL
do
NUM=`echo $i|awk -F= '{print $1}'`
echo $NUM
IP=`echo $i|awk -F= '{print $2}'`
echo $IP
if [ $NUM -gt 5 ] && [ -z "`iptables -vnL INPUT|grep $IP`" ]
then
iptables -I INPUT -p tcp -s $IP -j REJECT --reject-with tcp-reset
echo "platinum log: `date` $IP($NUM)" >> /var/log/val.log
fi
done
學長, 當我要找reject參數時, 卻跑到你這了, 只能說google真神奇.
回覆刪除by the way, 用centos搞不好比rhel多了.
科科...
回覆刪除在沒有資詢需求及技術支援的情況下. 我想
centos 就夠了
有沒有考慮改用freebsd