iptables block ssh attempt attack

iptables block ssh attempt 適用於RedHat,Fedora
#容忍值可以調高一點(粗體字)
#! /bin/bash
VAL=`grep Failed /var/log/secure | awk '{print $(NF-3)}' |cut -d: -f4 | sort | uniq -c |awk '{print $1"="$2}'`
for i in $VAL
do
NUM=`echo $i|awk -F= '{print $1}'`

IP=`echo $i|awk -F= '{print $2}'`
if [ $NUM -gt 5 ] && [ -z "`iptables -vnL INPUT|grep $IP`" ]
then
iptables -I INPUT -p tcp -s $IP -j REJECT --reject-with tcp-reset
echo "platinum log: `date` $IP($NUM)" >> /var/log/val.log
fi
done
iptables block ssh attempt 適用於Debian
#容忍值可以調高一點(粗體字)
#!/bin/bash
VAL=`grep Illegal /var/log/auth.log | awk '{print $10}' | sort | uniq -c | awk '{print $1"="$2}'`
for i in $VAL
do
NUM=`echo $i|awk -F= '{print $1}'`
echo $NUM
IP=`echo $i|awk -F= '{print $2}'`
echo $IP
if [ $NUM -gt 5 ] && [ -z "`iptables -vnL INPUT|grep $IP`" ]
then
iptables -I INPUT -p tcp -s $IP -j REJECT --reject-with tcp-reset
echo "platinum log: `date` $IP($NUM)" >> /var/log/val.log
fi
done