ddos_ipset
Differences
This shows you the differences between two versions of the page.
| Both sides previous revision Previous revision Next revision | Previous revision Next revision Both sides next revision | ||
|
ddos_ipset [2009/05/31 21:04] kyxap |
ddos_ipset [2013/12/15 11:51] kyxap Page moved from howto:ddos_ipset to ddos_ipset |
||
|---|---|---|---|
| Line 35: | Line 35: | ||
| SCRIPTHOME="/root/antiddos"; | SCRIPTHOME="/root/antiddos"; | ||
| # don't change anything bellow | # don't change anything bellow | ||
| - | grep "$BADREQUEST}" $LOGPATH | awk -F ' ' '{ print $ 1 }' | sort | uniq -c | ${SCRIPTHOME}/num-filter.pl $MINREQUESTS >> ${SCRIPTHOME}/in_blacklist.add.pre | + | grep "${BADREQUEST}" $LOGPATH | awk -F ' ' '{ print $ 1 }' | sort | uniq -c | ${SCRIPTHOME}/num-filter.pl $MINREQUESTS >> ${SCRIPTHOME}/in_blacklist.add.pre |
| - | sort -u < {SCRIPTHOME}/in_blacklist.add.pre > ${SCRIPTHOME}/in_blacklist.add | + | sort -u < ${SCRIPTHOME}/in_blacklist.add.pre > ${SCRIPTHOME}/in_blacklist.add |
| cat ${SCRIPTHOME}/in_blacklist.add > ${SCRIPTHOME}/in_blacklist | cat ${SCRIPTHOME}/in_blacklist.add > ${SCRIPTHOME}/in_blacklist | ||
| for i in `cat ${SCRIPTHOME}/in_blacklist`; | for i in `cat ${SCRIPTHOME}/in_blacklist`; | ||
| Line 60: | Line 60: | ||
| * Добавляем запуск скрипта **/root/antiddos/blacklist.sh** в крон с интервалом в 10 минут. | * Добавляем запуск скрипта **/root/antiddos/blacklist.sh** в крон с интервалом в 10 минут. | ||
| - | ==== ПРИМЕР ФАЕРВОЛА С ИСПОЛЬЗОВАНИЕМ GEOIP ==== | + | ----------------------------------------------------------------------------------- |
| + | |||
| + | Фильтрация с GeoIP | ||
| + | # apt-get install xtables-addons-source | ||
| + | # | ||
| + | |||
| + | == ПРИМЕР ФАЕРВОЛА С ИСПОЛЬЗОВАНИЕМ GEOIP == | ||
| <code bash> | <code bash> | ||
| #!/bin/bash | #!/bin/bash | ||
ddos_ipset.txt · Last modified: 2016/01/27 21:31 by kyxap
