#!/bin/bash
# -*- coding: UTF-8 -*-
# Filename: host_deny.sh
# Description: 将SSH多次登录失败的IP加入黑名单
# Date: 2020-05-26
cat /var/log/secure | awk '/Failed/{print $(NF-3)}' | sort | uniq -c | awk '{print $2"="$1}' > /tmp/black
list=`cat /tmp/black`
for i in $list; do
ip=`echo $i | awk -F= '{print $1}'`
num=`echo $i | awk -F= '{print $2}'`
if [[ $num -gt 3 ]]; then
grep $ip /etc/hosts.deny &> /dev/null
if [[ $? -gt 0 ]]; then
echo "sshd:$ip" >> /etc/hosts.deny
fi
fi
done
cp /dev/null /tmp/black
exit
将SSH多次登录失败的IP加入黑名单
最新推荐文章于 2024-01-17 12:38:45 发布