#!/bin/bash
netstat -antup | grep SYN_RECV | awk '{print $5}' |awk -F: '{print $1}'|sort|uniq -c > /tmp/opt
while read line
do
#echo $line
count=$(echo $line|awk '{print $1}')
ip=$(echo $line| awk '{print $2}')
if [ $count -gt 128 ];then
iptables -I INPUT -s $ip -j DROP
fi
done < /tmp/opt