五分钟内访问次数最多的ip加入到防火墙
#!/bin/bash
cat /etc/httpd/logs/access_log|grep `date -d '1-minute-ago' +%d/%b/%Y:%H:%M`|awk '{print $1}'|sort |uniq -c|sort -n|awk '$1>30 {print $2}'>test.txt
a=`cat test.txt`
for i in $a
do
iptables -D INPUT -s $i -j DROP >/dev/null
iptables -I INPUT -s $i -j DROP
done