防止SSH破解密码，超过次数，加入iptables

vim ssh.sh

#!/bin/bash

######对日志进行统计，并统计出那些IP累计访问达到30的就计入到文档，利用for循环执行iptables命令......

cat /var/log/secure | awk '/Failed/{print $(NF - 3)}' | sort | uniq -c| sort -n -r | awk '{if($1>30) print $2}' > /root/badip.txt

HOST=$(cat /root/badip.txt)

for i in $HOST

do

iptables -I INPUT -s $i -j DROP

echo "$i is a bad ip.....iptables DROP" > /root/mail-ip.txt

mail -s "iptables" [email protected] < /root/mail-ip.txt

done

~