#!/bin/bash
while true
do
badip=$(lastb -i -a | awk '/ssh:notty/ {print $NF}'|sort|uniq -c|awk '($1>3) {print $2}')
for i in $badip
iptables -t filter -I INPUT -s $i -p tcp --dport 22 -j DROP
done
: > /var/log/btmp
sleep 10s
本文轉自 freeterman 51CTO部落格,原文連結:http://blog.51cto.com/myunix/1642193,如需轉載請自行聯系原作者
![unit 1 - redhat Enterprise 8.0 Linux 指令行使用技巧[圖]](data:image/gif;base64,R0lGODlhAQABAIAAAP///wAAACwAAAAAAQABAAACAkQBADs=)