centos6 shell脚本如下:
cat $1 | while read line
do
iptables -I OUTPUT -s ${line%.*}.0/24 -j DROP
iptables -I INPUT -s ${line%.*}.0/24 -j DROP
echo "File:${line%.*}"
done
service iptables save
service iptables restart
echo "done"
centos7 shell脚本如下:
cat $1 | while read line
do
firewall-cmd --permanent --add-rich-rule='rule family=ipv4 source address="'${line}'" drop'
echo "File:${line}"
done
firewall-cmd --reload
service firewalld restart
echo "done"
黑客ip地址列表范例文件 ip.txt
117.50.48.6
122.114.231.114
159.89.142.172
58.218.66.104
183.131.83.112
223.112.190.70
47.90.92.121
218.60.67.75
89.248.168.171
140.143.208.71
58.218.66.104
222.73.85.188
222.73.85.111
183.131.83.36
80.211.64.182
45.6.188.2
222.186.153.206
42.51.12.33
114.116.69.119
183.131.83.50
112.213.121.199
218.60.67.79
47.90.244.131
114.116.69.119
183.131.83.112
123.249.9.107
58.218.66.104
47.88.60.73
213.136.94.246
158.69.241.103
89.248.168.171
211.159.150.15
122.114.31.128
58.218.56.89
50.62.6.14
222.240.241.27
50.62.6.14
222.240.241.27
156.237.129.203
223.112.190.70
183.131.83.112
61.176.193.3
111.73.46.154
58.218.56.89
213.23.12.149
79.61.177.116
103.224.251.151
218.93.201.199
202.114.144.230
123.249.9.149
211.144.157.50
213.128.88.99
123.249.42.97
45.249.94.214
111.73.46.19
183.131.83.36
218.3.54.153
213.136.94.246
111.73.46.19
104.211.223.219
27.148.156.41
58.221.57.5
218.2.0.70
117.239.150.75
218.2.0.70
218.93.201.199
211.144.157.50
43.255.31.76
202.43.154.162
218.93.201.199
218.60.67.79
202.43.154.162
80.15.195.37
211.144.157.50
114.116.69.119
118.24.100.142
202.43.154.162
218.93.201.199
58.221.57.5
162.221.185.58
50.62.6.14
51.38.203.146
81.17.25.29
168.121.239.240
189.91.32.89
111.231.68.208
213.136.94.246
43.255.31.76
111.73.46.37
111.73.46.19
183.131.83.17
123.249.9.126
61.160.212.149
41.242.112.218
61.160.212.149
123.249.9.74
118.69.37.227
117.50.34.162
92.56.236.155
101.254.225.93
69.64.78.58
125.220.159.168
101.254.150.210
111.67.197.2
211.144.157.50
221.205.118.253
117.50.34.162
183.131.83.5
218.93.201.199
118.25.217.217
203.189.234.208
58.218.56.81
115.215.221.114
156.232.158.52
218.93.201.199
centos6调用范例:
./fs.sh ip.txt
centos7调用范例:
./fs.sh ip.txt
大体思想就是通过shell脚本循环按行读取需要封杀的ip地址列表文件,然后执行封杀操作,最后重启防火墙!