利用ip_conntrack表实现封ip的shell脚本,并有简单的web发布

#if [ "$wc" -gt 2500 ] && [ "$date2" -gt 10 ]
if [ "$wc" -ge 0 ]
then
#------------------------------
        awk '{$1}{if ($1>30 && $1<50) print $2}' /tmp/tmp11.txt > /tmp/tmp22-1.txt
        awk '{$1}{if ($1>=50 && $1<100) print $2}' /tmp/tmp11.txt > /tmp/tmp22-2.txt
        awk '{$1}{if ($1>=100) print $2}' /tmp/tmp11.txt > /tmp/tmp22-3.txt
        cut -c1-15 /tmp/tmp22-1.txt > /tmp/tmp33-1.txt
        cut -c1-15 /tmp/tmp22-2.txt > /tmp/tmp33-2.txt
        cut -c1-15 /tmp/tmp22-3.txt > /tmp/tmp33-3.txt
        wcblackip1=`cat /tmp/tmp33-1.txt | wc -l`
        wcblackip2=`cat /tmp/tmp33-2.txt | wc -l`
        wcblackip3=`cat /tmp/tmp33-3.txt | wc -l`

######################################
##---------------- To make a index.html -----------------------##
######################################

        echo "<b>If the total IPs >2500 <font color=\"#ff0000\">(total $wc at $date)</font> AND if:</b>" > /var/www/html/wwy/drop/index.html
        echo "<p>you connect <b>\">100\"</b>, you ip will be killed in <b>30min</b>.</p>" >>/var/www/html/wwy/drop/index.html
        echo "<p>you connect <b>\"50-100\"</b>, you ip will be killed in <b>15min</b>.</p>" >>/var/www/html/wwy/drop/index.html
        echo "<p>you connect <b>\"30-50\"</b>, you ip will be killed in <b>10min</b>.</p>" >>/var/www/html/wwy/drop/index.html
        echo "<hr color=\"#ff8000\">" >> /var/www/html/wwy/drop/index.html
        echo "<p><b><font color=\"#ff0000\">These IPs (total $wcblackip3 + $wcblackip2 + $wcblackip1) were killed, at <font size=5>$date</font></font>  <a href=../all>(look-up all IPs)</a></b></p>" >> /var/www/html/wwy/drop/index.html
        awk '{$1}{if ($1>=100) print $1, $2}' /tmp/tmp11.txt|sort -nr|awk '{print "<p>""<font color=\"#ff0000\">"$1"</font>""\t","<b>"$2"</b>""\t""kill 30min""</p>"}' >> /var/www/html/wwy/drop/index.html
        awk '{$1}{if ($1>=50 && $1<100) print $1, $2}' /tmp/tmp11.txt|sort -nr|awk '{print "<p>"$1"\t","<b>"$2"</b>""\t""kill 15min""</p>"}' >> /var/www/html/wwy/drop/index.html
        awk '{$1}{if ($1>30 && $1<50) print $1, $2}' /tmp/tmp11.txt|sort -nr|awk '{print "<p>"$1"\t","<b>"$2"</b>""\t""kill 10min""</p>"}' >> /var/www/html/wwy/drop/index.html
        echo "<p><b>You can \"ctrl + F\" to find your ip's connects.(total $wc IPs at $date)</b></p>" > /var/www/html/wwy/all/index.html
        echo "<p><a href=../drop> <-- back </a></p>" >> /var/www/html/wwy/all/index.html
        cat /tmp/tmp11.txt | sort -nr | awk '{print "<p>"$1"\t",$2"\t""</p>"}' >> /var/www/html/wwy/all/index.html

#####################################
##----------------- Use iptables to DROP ---------------------##
#####################################

        make_clr
        if [ -s /tmp/tmp33-3.txt ];then
                kill 30m /tmp/tmp33-3-clr.txt /tmp/tmp33-3.txt &
                sleep 1s
        fi
        if [ -s /tmp/tmp33-2.txt ];then
                kill 15m /tmp/tmp33-2-clr.txt /tmp/tmp33-2.txt &
                sleep 1s
        fi
        if [ -s /tmp/tmp33-1.txt ];then
                kill 10m /tmp/tmp33-1-clr.txt /tmp/tmp33-1.txt &
                sleep 1s
        fi

#-------------------------------
elif [ "$date2" -lt 5 ] && [ "$date2" -gt 3 ]
then
        while read clrall;do
                clr_conns $clrall
        done < /tmp/tmp111.txt
        echo "clr at $date " >> /tmp/killip/tmp.log.txt
fi

#####################################
##------------------- make system log ------------------------##
#####################################
if [ ! -e /tmp/killip/tmp.log.txt ]; then
        mkdir /tmp/killip
        touch /tmp/killip/tmp.log.txt
fi
echo "$wc $date $cpu $cpu2 $wcblackip3 + $wcblackip2 + $wcblackip1" >> /tmp/killip/tmp.log.txt